Information Security Policy

This information security policy is approved by Viralgen's Management in order to reinforce the awareness of all Viralgen's members about the threats that may arise. Likewise, this policy constitutes the commitment in  the  continuous  improvement  of  the  level  of  maturity  in  the  corporate  processes,  with  the  objective  of  maintaining  high  security  standards  that  protect  the  confidentiality,  integrity  and  availability  of  corporate information, complying with the following guidelines: 

  • Confidentiality: The information processed in Viralgen will have the appropriate security measures to restrict its knowledge to previously authorized persons and minimizing the probability of suffering an unauthorized dissemination of corporate information.

  • Integrity: The  information  stored  in  Viralgen's  systems  will  not  be  modified  in  an  unauthorized  manner, always aiming to have complete, accurate and valid information.

  • Availability: The  information  generated  and  used  in  Viralgen  will  be  accessible  and  usable  by  authorized and identified users at all times, guaranteeing its restoration capacity in the event of any foreseen eventuality.

  • Cross-cutting adoption: Security measures are not the sole responsibility of the IT department. It is necessary that all Viralgen employees assume their responsibility in the treatment of corporate information, complying with the security measures that directly affect them.
Viralgen's Management, through the approval of this Policy, is committed to the continuous improvement of the  maturity  levels  of  security  controls,  taking  into  account  the  key  performance  indicators  that  provide  information on the effectiveness of the same, the state of the art of the possible threats and cyber threats that may affect Viralgen, and therefore is committed to the implementation, dissemination and support of an Information  Security  Management  System  that  allows  improving  the  following  functions  or  pillars  of  cybersecurity: 
 
  • Identification: Understanding the current context, identifying potential threats that may materialize and that could be detrimental to Viralgen.

  • Protection: Establishing  the  appropriate  technical  and  organizational  security  measures  to  guarantee Viralgen's work, limiting or containing the impact of a possible cybersecurity event.

  • Detection: Defining  the  appropriate  activities  to  identify  and  discover  the  occurrence  of  a  cybersecurity event.

  • Response: Establishing the appropriate activities to take action in the event of a security incident affecting information.

  • Recovery: Promoting the appropriate activities to maintain resilience plans and restore

Please review the following rules: