INFORMATION SECURITY POLICY

Information Security Policy of IHI Charging Systems International S.p.A. (ICSI S.p.A.)

The information security policy of ICSI S.p.A. represents the commitment to ensure an effective and constantly improving Information Security Management System, and is inspired by the following general principles and objectives:

  1. Ensure the protection of information and the business operations, proportionated to the risks to which ICSI S.p.A. is exposed and to their criticality;
  2. Ensure compliance with current legislation and applicable to the reality in which ICSI S.p.A. work;
  3. Define and communicate roles and responsibilities related to information security, clarifying the responsibilities of all the involved actors.
  4. Define processes and standards that ensure an adequate/proper level of protection;
  5. Guarantee a constant monitoring of security levels and define processes that allow their improvement, as well as the constant updating of new threats and risks;
  6. Ensure that anomalies and incidents affecting the information system and company security levels (in terms of Confidentiality, Integrity and Availability) are promptly recognized and correctly managed through efficient prevention, communication and reaction systems in order to minimize/mitigate the impact on the business (Business continuity);
  7. Ensure secure access to information, in order to prevent unauthorized processing carried out without the necessary rights;made without the necessary rights;
  8. Ensure that the organization and third parties collaborate in the processing of information by adopting procedures aimed at complying with adequate levels of security, operating with full awareness of security issues;
  9. Ensure that access to offices and individual critical company premises is done exclusively by authorized personnel, to guarantee the safety of the areas and assets present;
  10. The processing of personal data of which ICSI S.p.A. is Data controller, take place in compliance with the European Data Protection Regulation GDPR 2016/679.

ICSI S.p.A. Information Security contact

ICT & Data Security Manager ict-datasecurity@ihi-csi.it

Our ISO 27001:2024 certification

Our full Information security Policy

Our TISAX label AL2

Our Privacy notice