Management System Policy

Royal Comunicación, a company established in 2007, is committed to the development of new information and communication technologies (ICT). In collaboration with our clients, we provide creative solutions in digital marketing to ensure their online presence meets their intended objectives and is a success.

At our agency, we have a highly specialized, professional, and multidisciplinary team. We foster an intense and pleasant working environment where good ideas flow. From the first marketing concept, banner design, to the configuration of a KPI panel, at Royal, we offer high-quality service. We are sensitive to our clients’ needs and committed to achieving their desired project success.

Therefore, proximity, quality service, and result-oriented approach are our hallmarks. Aware of the significance of information security and in line with our own identity, Royal has promoted the establishment of an Information Security Management System according to the ISO/IEC 27001:2013 standard. This is to identify, assess, and minimize the risks to which their information and that of their clients are exposed, as well as to ensure compliance with established objectives.

The main objective of this Security Policy is to establish a framework for us to develop a company culture, a way of working, and decision-making at Royal, where information security and respect for personal data are constant. This is achieved by:

  • Preserving the confidentiality of information and preventing its disclosure and access by unauthorized persons.
  • Maintaining the integrity of information by ensuring its accuracy and avoiding its deterioration.
  • Ensuring the availability of information on all media and whenever necessary.

The management, on the other hand, especially values and establishes the availability and confidentiality of its information and that of its clients as a primary criterion for estimating its risks. Therefore, they commit to developing, implementing, maintaining, and continuously improving their Information Security Management System (ISMS) with the objective of continuous improvement in the way we provide our services and the way we treat our clients’ information. Hence, it is Royal’s policy that:

  • Objectives are set annually in relation to Information Security.
  • The legal, contractual, and business requirements are met.
  • Training and awareness activities on Information Security processes are conducted for all personnel.
  • An analysis, management, and risk treatment process is developed for information assets.
  • Control objectives and corresponding controls are established to mitigate the detected risks.
  • Employees are assigned responsibilities in relation to:
  • Reporting security breaches
  • Preserving the confidentiality, integrity, and availability of information assets in compliance with this policy
  • Complying with policies and procedures inherent to the Information Security Management System.

The Security Officer will be directly responsible for maintaining this policy, providing advice and guidance for its implementation, and making corrections for deviations in compliance.
This Information Security Policy will always be aligned with the company’s general policies and those that serve as a framework for other internal management systems, such as quality or environmental policies.