Nordstern Technologies Quality Policy
At Nordstern Technologies, we develop world-class cybersecurity services, distinguished by delivering high value through innovation. Consequently, Quality Management is a cornerstone of our operational strategy and a fundamental element of our Mission and Vision 2025. Therefore, all of us who collaborate within the organization are committed to the progressive achievement of high-quality standards in our services, ensuring our clients' trust through a structured process of continuous improvement and full compliance with applicable requirements.
Marco Antonio Rico Guisa
General Director of Nordstern Technologies
Service Management System Policy
Nordstern Technologies, aware of the importance of proper cybersecurity service management, has established a Service Management System through which it ensures the continuous improvement of the services offered to its clients. It is designed to implement a complete administration cycle, ensuring levels of confidentiality, integrity, and availability of information, business processes, and the technological and security assets of its clients.
Nordstern Technologies is committed to the implementation, maintenance, and continuous improvement of a Service Management System that ensures compliance with requirements — whether from clients, the company, legal, or regulatory — through effective planning, innovation, execution, and process control.
Marco Antonio Rico Guisa
General Director of Nordstern Technologies
Information Security Policy
At Nordstern Technologies, information is a fundamental asset for service delivery and efficient decision-making, which is why there is an explicit commitment to protecting its most significant properties as part of a strategy aimed at business continuity, risk management, and the consolidation of a security culture.
Recognizing the current needs in generating, handling, and storing information securely, Nordstern Technologies implements an information security management model as a tool to help identify and minimize risks to information, reduce operational and financial costs, establish a security culture, and ensure compliance with legal, contractual, regulatory, and business requirements.
Senior management, internal and external staff, suppliers, and all those with responsibilities over Nordstern Technologies’ information sources, repositories, and processing resources must adhere to the guidelines contained in this document and related documents to maintain the confidentiality, integrity, and availability of information.
Nordstern Technologies’ General Information Security Policy is supported by specific policies, standards, and procedures that guide the proper handling of the Organization’s information. Additionally, specific information security policies are established, based on the control domains and objectives outlined in Annex A of ISO/IEC 27001:2013.
T
his policy must be regularly evaluated as part of the management review process, or whenever business changes, structure, objectives, or other conditions affecting the policy are identified, to ensure its continued relevance or to make adjustments based on newly identified requirements.
Marco Antonio Rico Guisa
General Director of Nordstern Technologies
Anti-Bribery Management System Policy
At Nordstern Technologies, we are grounded in integrity, transparency, honesty, and high ethical standards in all our practices. Therefore, we maintain zero tolerance for corruption and bribery. This ensures that any activity conducted at or on behalf of Nordstern Technologies is based on ethics and the values that govern us as a company, in accordance with the General Law of Administrative Responsibilities and applicable anti-corruption laws.
Senior Management is responsible for determining any disciplinary action, depending on the severity of the violation, while external sanctions will be imposed according to current Mexican legislation.
Failure to comply with this policy by third parties may result, at a minimum, in the termination of the business relationship and, depending on the violation, in damage compensation, in addition to criminal consequences as determined by Mexican law.
GUIDELINES
-
Comply with applicable laws.
-
Bribery is prohibited, whether given or received, to gain or provide any undue advantage related to starting or maintaining business relationships between Nordstern Technologies, its clients, business partners, or suppliers, including authorities, companies, contacts, organizations, or institutions.
-
It is forbidden to offer or accept bribes, incentives (monetary or otherwise), payments, or gifts — directly or indirectly — to/from government officials, companies, business partners, suppliers, clients, organizations, or institutions, with the intent to improperly influence or reward any act or decision in favor of the company.
-
All financial transactions must be recorded and available for auditing by internal and external authorities.
-
All employees must conduct their work according to principles of honesty and workplace ethics.
-
Promote practices that combat and prevent bribery and corruption, in order to establish healthy and competitive business relationships.
-
All donations or sponsorships must be transparent and comply with applicable laws.
-
Payments made to any Nordstern representative must only be for legitimate services rendered.
-
Individuals who refuse to give or receive bribes, dishonest payments, or gifts will not be penalized by the company.
-
All employees, clients, business partners, or suppliers must report any violation of this policy to: denuncias@nordsterntech.com.
-
Anyone who reports an act of corruption will not be subject to any form of punishment or retaliation, such as harassment, demotion, or dismissal.
-
Violations of this policy may pose criminal or civil risks to Nordstern Technologies and the involved employees. Penalties may include justified termination or criminal prosecution, among other legal consequences.
-
The Compliance Officer will be an independent member of operations, responsible for monitoring anti-bribery practices and ensuring compliance with this policy.
Marco Antonio Rico Guisa
General Director of Nordstern Technologies