Integrated Management System Policy

Integrated Management System policy
(Quality, Security and health at work, Security of information Management)
Rif. BS-OHSAS 18001:2007 – UNI EN ISO 9001:2015 – ISO/IEC 27001:2013
To all Directors of corporate Functions, and therefore to all Personnel.

Object: Corporate policy for 2019
In accordance with the “Quality, Security and health at work, Security of information Management” Integrated Management System’s guide, this document summarizes the Corporate Policy, based on the following principles:

1. 1. 1. Customer satisfaction means respecting his needs and desires.
      2. Guarantee:
         • excellence and professionalism in the provision of services;
         • respect for the needs of the customer and maximum flexibility towards the customer;
         • compliance with rules on corporate health and safety, at the Company and at the customer’s workplace;
         • compliance with internal procedures for the secure management of company assets and data;
         • Constant attention towards the protection of employee’s and associate’s health.
         • commitment to the prevention of injuries and bad health, to the continuous improvement of management and performance in terms of Health and Safety in the workplace;
         • commitment to comply with regulations and legal requirements applicable to:
         • (i) the quality of the service provided, (ii) the assurance of higher safety standards also during consultancy activities with customers, (iii) dangers relating to safety and health in the workplace;
         • attention to the prevention of emergency situations and readiness to respond to them through the implementation of a series of controls for the management of risks inherent to Health and Safety.
         • The three main goals regarding security of information:
           – Availability: guarantee that authorized users have access to the appropriate information and related assets, when necessary.
           – Privacy: Guarantee that information is accessible only to authorized personnel.
           – Integrity: Protect the correctness and completeness of information and of the processing methods of information.
      3. Assess risk by defining:
         • The real probability for an event to occur
         • Vulnerability of the object of the analysis to dangerous events
         • Preventive efficacy of implemented countermeasures
         • Possibility of damage deriving from a security breach
         • Mitigating efficacy on harmful effects of the implemented countermeasures
      4. Spreading the importance of prevention in the organization through information and internal communication.
      5. Maintain constant consultation with employees for greater efficiency of the system of management of safety in the workplace.
      6. Training and consultation activities are the tool for an effective implementation of such an involvement and contribute to the improvement of services.
      7. Quality is trying to do the right things since the first time. This means more effort but a reduction in corrections and inefficiencies.
      8. The General Management, starting from the Customer and market’s needs, annually defines objectives and resources for the Quality, Safety and Health at Work.
      9. Suppliers, customers and all interested parties are an essential component of our society and must be involved in our improvement program.
      10. The success of our company requires the professional and cultural improvement of the individual resources at all levels. Therefore, the identification of a precise and coherent Plan of Training for effective growth.

22/01/2019, the Chief Executive Officer                  Giampiero Lampasona