Information Security Policy

From F. Franco and Sons, SLAs a company dedicated to the manufacture of furniture for the home, we are aware of the importance of information security for the daily development of our activity and the correct management of information and assets of our organization.

In order to ensure such management, in F. Franco and Sons, SL We have implemented an Information Security Management System in accordance with the requirements of the ISO/IEC 27001:2022 standard to guarantee the continuity of information systems, minimize risks and ensure compliance with the established objectives.
To ensure the effectiveness and application of the Information Security Management System, an Information Security Committee is established which will be responsible for the approval, dissemination and compliance with this Security Policy, as well as the supervision, implementation, development and maintenance of the Management System.

The objective of this Security Policy is to establish the framework for action necessary to protect information resources against threats, internal or external, deliberate or accidental, in order to ensure compliance with the confidentiality, integrity and availability of information. To this end, the following commitments are issued:
● Comply with current legislation on information security.
● Ensure the privacy of data managed by F. Franco and Sons, SL of customers, employees, suppliers and third parties.
● Ensure the confidentiality, availability and integrity of our organization's information assets.
● Identify and reduce information security risks relevant to our organization.
● Ensure the capacity to respond to emergency situations, restoring the operation of critical services in the shortest possible time.
● Protect information assets according to their value or importance.
● Promote awareness and training in information security.
● Establish a reference framework for the fulfillment of objectives and goals in terms of information security, as well as for continuous improvement in our activities and processes.

Any person whose activity may, directly or indirectly, be affected by the requirements of the Information Security Management System is obliged to strictly comply with the Security Policy.

Go to content