The search for new market strategies aimed at providing guarantees, not only on the quality of services provided, but also on how to treat information about customers, suppliers, and other stakeholders has given rise to ISS International SpA the need to implement an Information Security Management System in accordance with ISO 27001. Through the adoption of a structured management system oriented to Information Security ISS International SpA intends to protect from all threats, internal or external, intentional or accidental, its corporate information assets, including information and data relating to its customers, suppliers, and partners. ISS International SpA wants to ensure the reduction of risks to the security of information relating to the services it provides to its customers.

The commitment to the ISO 27001 standard tends to ensure that:

• information is protected from unauthorized access while respecting confidentiality and is available to authorized users;
• information is not disclosed to unauthorized persons as a result of deliberate or negligent action and, with due regard to integrity, is safeguarded from unauthorized modification;
• business continuity plans are in place and these plans are kept up to date and monitored as far as possible;
• personnel receive information security training;
• all information security breaches and possible vulnerabilities are investigated and dealt with.

Through the implementation of information security policies, ISS International SpA intends to fulfill its commitment to compliance with ISO 27001 and the continuous improvement of its Integrated Management System. To achieve this goal, the Management is committed to ensuring that this policy is disseminated, understood, and implemented not only by internal staff but also by external collaborators, consultants, and suppliers who are in any way involved with the information that falls within the scope of the Information Security Management System.

The management is committed to regularly reviewing the policy also in relation to any changes that could affect it, to ensure that it remains appropriate to the business and the ability of ISS International SpA to satisfy customers, suppliers, partners, and all other interested parties.