top of page

Information Security Policy

Purpose of the Policy:

​

This policy provides a general strategic framework that defines the values, commitments, principles, and thus forms the basis of our information management in Lateral Unit. The Policy sets the direction and values for information security within the company and aims to:

​

  1. Serve as a reference framework that establishes the values, principles, and standards that guide all company activities related to information security, while defining a foundation for building security strategies and practices.

  2. Define the commitments and responsibilities of Senior Management, collaborators, and other stakeholders, on information security, to ensure that everyone understands their role in the protection of information.

  3. Align with Lateral Unit's objectives, where information security is considered an integral part of the business.

  4. Communicate the importance of protecting information at all levels of the company as a fundamental support in raising awareness and understanding of risks and best security practices.

  5. Establish a foundation for decision-making related to risk management and the implementation of security controls. Also, to provide guidance on how to address information security challenges.

  6. Reflect the organization’s commitment to compliance with applicable laws and regulations related to information security.

  7. Be reviewed and updated periodically to ensure it remains relevant and effective. This promotes continuous improvement of information security efforts.

​

Commitments:

​

As part of this policy, Lateral Unit commits to the following:

  1. Regularly identify and assess information security risks.

  2. Implement appropriate security controls to mitigate identified risks.

  3. Provide training and awareness on information security to all employees and involved parties.

  4. Continuously monitor and review the effectiveness of the implemented security controls.

  5. Respond in a timely and efficient manner to information security incidents to minimize their impact.

  6. Comply with applicable laws and regulations regarding information security.

  7. Periodically review this policy to ensure it remains relevant and effective, and to continuously improve information security management.

​

Rules:

​

  1. Lateral Unit collaborators understand information security as the preservation and protection of the confidentiality, integrity, and availability of information, according to its importance to the company, its clients, and/or business partners.

  2. Lateral Unit collaborators are responsible for adequately protecting the information they use, according to its importance, in the various mediums where it is stored or handled, ensuring its confidentiality, integrity, and availability.

  3. Information is classified based on assessment criteria, which depend on its importance to the business and its impact of loss, unauthorized leaks, availability, integrity, and authorization levels. The information must be protected by the collaborators based on classification.

  4. Lateral Unit collaborators must comply with Chilean regulations, laws, and norms, and with the contracts signed with clients and business partners regarding the handling of information.

  5. Lateral Unit must invest in technology and processes, allocating human and financial resources to protect its information.

  6. Lateral Unit must implement control measures consistent with its information security strategy and business objectives.

  7. Lateral Unit must periodically conduct reviews of security risks of its information and manage them appropriately to mitigate their impacts.

  8. Lateral Unit values the relationships with suppliers and third parties, establishing selection criteria and solid contractual agreements. These include confidentiality and information security clauses. These agreements must specify the responsibilities and obligations of both parties in terms of data protection and notification of security incidents.

  9. Every Lateral Unit collaborator has the obligation to notify any event, incident, or situation that affects or may affect Information Security.

  10. Provisions related to Information Security Policies will be duly controlled for compliance by the designated entities within the company.

  11. Non-compliance with this policy constitutes a serious offense and will be sanctioned as such.

  • LinkedIn
  • Email
  • Teléfono

Lateral Unit 2025

Information security policy

bottom of page