ACL - Logo
Schedule a call

General Information Security Policy

Security framework based on ISO/IEC 27001:2022 that ensures the confidentiality, integrity, and availability of information at ACL Technology.

This policy applies to all personnel, third parties, and partners who access ACL Technology's information assets.

ACL defines a risk-based approach, with senior management commitment to maintaining, communicating, and improving security policies aligned with the ISO 27001 standard.

To this end, principles and responsibilities are clearly defined, fulfilling legal and contractual requirements and promoting continuous improvement, which establishes a framework for information security objectives.

ACL has developed specific mandatory procedures and policies to comply with the requirements of the ISO/IEC 27001:2022 standard, which include:

Information Security, which establishes general guidelines for the protection of information within the organization and defines its management framework.

Access Control, including the use of multi-factor authentication, least-privilege principles, and periodic access reviews, to ensure that only authorized personnel access the company's information.

Cloud Environment Security for data protection and management of services contracted with external providers, aligned with cloud environment controls and contractual requirements.

Secure Development of Systems and Applications. Security practices are applied throughout the entire software development lifecycle, including design risk analysis, security requirement validation, secure code testing, environment segregation, and platform access controls. These measures seek to prevent vulnerabilities, protect data processed by applications, and ensure traceability and control of implemented changes.

These guidelines translate into policies that are an integral part of ACL Technology's Information Security Management System and are designed to ensure regulatory compliance, the effectiveness of controls, and continuous improvement.

Jorge Portus Ortega

General Manager

ACL Tecnología SPA

August 2025