1. Ensuring the confidentiality, integrity and availability of the Organization's information, using information security and privacy mechanisms, balancing risk, technology and cost factors.
2. Guaranteeing adequate protection of information and systems against unauthorized access, copying, reading, modification, destruction and unauthorized disclosure.
3. Ensuring that information assets are used only for the purposes approved by the Organization, being subject to monitoring, traceability and auditing.
4. Ensuring the participation of the Organization's staff in the Information Security and Privacy Awareness Program.
5. Guaranteeing the existence of processes for business continuity and security incident management for protection, detection, response and recovery against cyber attacks.
6. Ensuring compliance with this Policy, the Organization's Information and Privacy Security Rules and Standards.
7. Ensuring the commitment of top management to the continuous improvement of processes and resources necessary for Information Security and Privacy.
Information Security and Privacy Dept. within its competence to guarantee the availability, integrity and confidentiality of the information of AlmavivA Group companies in Brazil has prepared this document, satisfying the necessary requirements to guarantee information security, thus mitigating the risks associated with information leakage.