ABANCE INGENIERIA Y SERVICIOS, S.L., a company dedicated to Naval and Industrial Engineering, seeks a line of constant growth within the framework of the commitment to continuous improvement provided by the implementation of a Quality and Information Security Management System based on the ISO 9001 and ISO 27001 Standards within the following scopes:
ISO 9001:2015 SHIPBUILDING ENGINEERING AND DESIGN SERVICES
ISO 27001:2017 INFORMATION SECURITY MANAGEMENT SYSTEM SUPPORTING SHIP AND NAVAL SYSTEMS ENGINEERING ACTIVITIES ACCORDING TO THE STATEMENT OF APPLICABILITY
The Management of ABANCE INGENIERIA Y SERVICIOS, S.L. focuses the Quality and Information Security Management System on the continuous improvement of its effectiveness and is committed to achieving customer satisfaction by complying with the requirements demanded as well as those associated with our activity. ABANCE guarantees the maximum protection of all our information assets against any type of intentional or unintentional invasion always ensuring absolute confidentiality, integrity, and availability of the information.
The Management of ABANCE INGENIERIA Y SERVICIOS, S.L., establishes the following as basic objectives, starting point and principles of information security:
- Protection of personal data and the privacy of individuals
- Safeguarding the organization’s records.
- Protection of intellectual property rights
- Information security policy documentation
- Assigning security responsibilities
- Information security training and capacity building
- Recording security incidents
- Business continuity management
- Management of security-related changes in the company
For all these reasons, the Management of ABANCE INGENIERIA Y SERVICIOS, S.L. bases its commitment to quality and information security on:
- Ensuring compliance with legal, regulatory, and statutory requirements at all times, as well as with the requirements and expectations of interested parties.
- The correct implementation of the Quality and Information Security Management System. Its improvement is everyone's responsibility and has the backing and commitment of the Management who supports those changes required to achieve excellence by providing all the necessary resources available.
- The quality of the service provided developed as part of the expectations of economic growth.
- Improving service delivery which requires improving the organization’s resources, both human and material.
- Achieving customer satisfaction through the effective implementation of the Quality and Information Security Management System, including processes for measuring customer satisfaction, always safeguarding maximum confidentiality, integrity and availability of assets, immediate attention to complaints, prevention of non-conformities and quality indicators.
- Risk assessment in all its processes, as well as internal control measures for suppliers and other collaborating entities in order to prevent possible deviations or non-conformities in the implemented quality and information security management system.
- Defining security training requirements and providing the necessary security training to stakeholders by establishing training plans.
- Prevention and detection of viruses and other malicious software, by developing specific policies and establishing contractual agreements with specialized organizations.
- Business continuity management by developing continuity plans in accordance with internationally recognized methodologies. Establishing consequences for breaches of security policy which will be reflected in the contracts signed with stakeholders, suppliers, and subcontractors.
This quality policy is constantly evolving with the company thus being reviewed for continuous adaptation at least at the Management’s System Review, as well as the quality and information security objectives since this Policy is considered the reference framework for setting and reviewing these objectives.
The policy of ABANCE INGENIERIA Y SERVICIOS, S.L. is the means to lead the organization towards improving its performance and is available to the interested parties and communicated each time it undergoes a revision so as to make it understood at all levels.
