Information Security Policy

By lmartinez, 5 March, 2025
Content
Title
Information Security Policy
Image
Insurance Technology Solutions
Text Color
White
Text Alignment
Left
Link Background Color
Tangerine
Size
Medium
Overlay effect
Hide overlay effect
Include featured clients
No
Title
Objective
Description

At Rootstack S.A., we are committed to the implementation, maintenance, and continuous improvement of our Information Security Management System, ensuring that our operations meet the highest standards of quality and information security.

 

This policy provides a structured framework to manage and protect information assets, ensuring their confidentiality, integrity, and availability throughout all business operations, while adhering to the standards of quality and security, including ISO/IEC 27001:2022, and ISO 9001:2015, which guide our processes and practices.

 

To support this commitment, we prioritize proactive risk management, secure handling of client and internal data, and strict compliance with regulatory and contractual obligations.

 

By fostering a culture of awareness and accountability, we empower our team to uphold security best practices at every level. Additionally, we leverage industry-leading technologies and processes to ensure robust protection of information assets while continuously evolving our system to address emerging challenges and align with organizational goals.

Style
Description & media top aligned
Image position
Right
With Background
No
Text Alignment
Left
Text Items
Title
Scope
Description

The Information Security Management System at Rootstack encompasses all operations related to software development, outsourcing services, technology consulting, and project management. It ensures that our internal processes are aligned with quality and security objectives, and are in full compliance with ISO 27001 for information security management.

Style
Description & media top aligned
Image position
Left
With Background
No
Text Alignment
Left
Text Items
Title
Policy Principles
Description

Confidentiality:

  • Ensure that information is accessible only to authorized individuals.
  • Protect sensitive client data, including code repositories and project documentation, through access controls and encryption.

 

Integrity:

  • Safeguard information against unauthorized changes to maintain its accuracy and reliability.
  • Implement version control systems and secure environments for software development.

 

Availability:

  • Ensure information and systems are accessible to authorized users when required.
  • Employ robust disaster recovery plans and maintain backups of codebases and client data.

 

Compliance

  • Adhere to applicable legal, regulatory, and contractual requirements, including international standards such as ISO 27001 and ISO 9001:2015.
Style
Description & media top aligned
Image position
Right
With Background
No
Text Alignment
Left
Text Items
Countries
Latin America
North America
United States of America
Canada
Panamá
Colombia
Translation
Política de seguridad de la información
Hide Breadcrumb
Breadcrumb showed
Menu Quick Actions