AuraPortal’s activity is based on IT development for business process management purposes, focusing on medium and large enterprises.
AuraPortal offers a product that includes various interrelated technological and business worlds in one single system, constituting the areas of greatest interest and efficiency in business management today and for the foreseeable future.
AuraPortal’s vision is to consolidate its position as a Software development company, gain recognition in the international market for the quality of its products, and become a market leader. In its working environment, AuraPortal strives to establish a pleasant atmosphere in which workers feel fulfilled and content.
As a result, customers will benefit from a company with solutions to their business management problems, consolidated by its service, product and commercial aspect.
Commitment to quality
In order to maintain and improve its market position, AuraPortal management is aware of the importance of providing safe products and services that meet customer demands in a dynamic environment. This is where the quality system intervenes and enables the following important objectives to be achieved:
- To give customers the option of a high-quality company recognized by an external accredited entity. To this end, customer requirements will be considered and incorporated into company objectives.
- To meet Quality Management System requirements. To control, measure and continuously improve operational work processes in the organization, supporting effectiveness and efficiency. This action will be one of the means to achieve customer satisfaction.
- To achieve a high level of wellbeing and professional satisfaction for all personnel.
Management commitment to Information Security
At AuraPortal, information is a fundamental asset for the provision of its services and for efficient decision making, which is why AuraPortal is expressly committed to protecting its most significant properties as part of a strategy oriented at business continuity, risk administration and the consolidation of a security culture.
Conscious of its current needs, AuraPortal implements an information security management model based on the ISO/IEC 27001 standard; a tool which allows any possible information risks to be identified and minimized, to help reduce operational and financial costs, establish a security culture and guarantee compliance with legal, contractual, regulatory and current business requirements.
The website uses information security techniques that are widely accepted in the industry, such as firewalls, access control procedures and cryptographic mechanisms, to prevent unauthorized data access. To achieve this, the user / customer accepts that the provider obtains data for the relevant access control authentication.
The process of analyzing the risks of information assets provides support for the development of Information Security policies and the controls and control objectives selected to obtain AuraPortal’s expected protection levels. This process will be permanently led by the Chief Information Security Officer.
This policy will be reviewed regularly as part of the managerial review process, or when changes to the business, its structure, its objectives or any condition that may affect the policy are identified, to ensure that it continues to be adequate and adjusted to the identified requirements.
General information security policies
AuraPortal has established the following General Information Security Policies which represent the organization’s vision regarding the protection of its information assets:
1. There will be a Chief Information Security Officer who will be responsible for the maintenance, review and improvement of the AuraPortal Information Security Management System. The Chief Information Security Officer will be actively supported in all processes by the Head of each department.
2. AuraPortal information assets will be identified and classified to establish the necessary protection mechanisms.
3. AuraPortal will define and implement controls to protect the information from authenticity violations, unauthorized accesses or the loss of integrity, which will guarantee the availability required by the customers and users of the services offered by the entity.
4. All contractors will be responsible for protecting the information accessed and processed by them, to avoid loss, alteration, destruction or misuse.
5. Periodic audits and controls will be performed on the AuraPortal Information Security management model.
6. Only the use of authorized software that has been legally acquired by AuraPortal will be permitted.
7. It is the responsibility of all AuraPortal personnel and contractors to report any security incidents, suspicious events or the misuse of the identified resources.
8. Violations of the Information Security Policies and Controls will be registered, analyzed and monitored.
9. AuraPortal will have a Business Continuity Plan to ensure the continuity of operations in the occurrence of unforeseen events or natural disasters. AuraPortal also has specific policies and a set of standards and procedures in place to support the corporate policy.