0 results
en

SECURITY POLICY

  1. Home
  2. SECURITY POLICY

ALTEN Switzerland’s Management considers important to pursue, by the entire company organization, the objectives of its Information Security Management System (ISMS) according to ISO/IEC 27001 standard.


Information Security Management is a complex process that involves human resources from the business units inside the scope of the certification, specified within the ISMS Manual.

The organization implements the Information Security Policy pursuing the following principles:

  • Adopt ISO27001 standard for the implementation of the ISMS.
  • Have in disposition the necessary resources, with the appropriate role, to establish, implement, maintain and continually improve the ISMS.
  • Nominate formally the responsible of Information Security and the Data Protection Coordinator.
  • Guarantee the centrality of the customer figure and its full satisfaction in terms of Information Security treated within the context of services offered.
  • Sensibilize all internal personnel from the organization regarding Information Security.
  • Ensure that external suppliers and all stakeholders are aware and respect the adopted Security Policy.
  • Guarantee the Confidentiality, Integrity, Availability and Traceability of all information and, in particular, of Personal Data.
  • Guarantee the use of adequate resources and technologies. In order to fulfill these objectives, ALTEN Switzerland commits to:
  • Continually improve the own Information Security Management System.
  • Apply and comply with the regulatory requirements and any other significant requirement, rule, or regulation applicable in the field of Information and Personal Data Security.
  • Securely store the managed information and thus prevent negative Information Security Events in compliance with the principles of Confidentiality, Integrity, Availability and Traceability.
  • Sensibilize and train the right personnel about Information Security topics.
  • Provide a framework for establishing and reviewing Information Security Objectives.
  • Classify the information according to the criteria defined by the organization.
  • Disseminate the principles and values declared in the company policy to make them effective through the communication to and from the various interested parties so that are well understood and followed.
  • Periodically review the policy and objectives whenever there is a need, following the implementation of changes and assessing its suitability as well as taking the commitment to improve it effectively

All professional roles must work to achieve the security objectives in information management. The application of the management system therefore requires the full participation, commitment and effective interaction of all personnel.
The Security Officer is responsible for maintaining the Information Security Policy, coordinating risk management, internal audit and compliance activities as well as all other documentation related to Information Security. Moreover, it is accountable to assess and report the ISMS performance.

The Management is committed to implementing, supporting and periodically verifying this policy and to disseminating it to all users who work for the company or on behalf of it.

The present document is Internal but available for the consulting from all interested parties.
This policy is linked to ALTEN group General Information Systems Security Policy, where the company issues, strategy and way of organization is defined.


In this sense, ALTEN Switzerland has a formalized Service Convention Agreement with ALTEN SA related to the provision of IT services by ALTEN SA to ALTEN Switzerland: Service Description (M365, MyIdentity, MySupport, Security Operations Center, Active Directory Azure, Connectivity, Mail, Zscaler, Unit4, Workplace).


In the content of this document, it is required by ALTEN SA that ALTEN Switzerland complies with Group Information System Security Policies while ALTEN Switzerland requires from its supplier ALTEN SA to comply with the published Services’ Descriptions and ALTEN security requirements as well as provide evidence when required.

Click on the link below to find out more: