Management system policy

Purpose

The organization promotes productive/service delivery policies that take into account the needs for economic development and value creation, inherent to the business activities related to it, alongside the needs for environmental respect and protection, social responsibility, and information and data security. It also commits to complying with current regulations while encouraging the spread of a culture of respect for legal principles.

Scope of Application and Regulatory References

This document defines the policy for the Integrated Management System of INVTRADE S.R.L., in accordance with ISO 9001 and ISO 27001 standards. It outlines the company's commitments to quality, information security, customer satisfaction, and continuous improvement, applying to all processes and business activities related to the provision of digital solutions, marketing services, and global procurement.

Roles and responsibilities

• Top Management: Establishes, implements, and maintains the Management System Policy, ensuring that it is appropriate to the purposes and context of the organization and aligned with strategic directions.
• Management System Manager: Ensure that this policy is communicated, understood, and applied within the organization and that the Integrated Management System is maintained in compliance with the requirements of the reference standards.

Terms and definitions

• Quality: The ability of a set of intrinsic characteristics of a product or service to meet the needs of customers and other stakeholders.
• Information Security: Preservation of confidentiality, integrity, and availability of information. The ISO/IEC 27001 standard provides a framework for systematically managing and protecting information.
• Stakeholder: A person or organization that can influence, be influenced by, or perceive themselves to be influenced by a decision or activity of the company. Examples include customers, suppliers, and collaborators.
• Risk: Effect of uncertainty on objectives. In the context of ISO 9001, it refers to an obstacle to achieving quality objectives, while an opportunity provides a functional advantage.
• Continuous Improvement: A recurring activity aimed at enhancing the performance of the management system. It is one of the fundamental principles of ISO 9001 to increase effectiveness and quality through the constant optimization of processes.

Commitment and objectives of the management system

The Top Management of INVTRADE S.R.L. establishes, implements, and supports this Management System Policy as a guiding principle for all business activities. This policy is appropriate to the purposes and context of the organization, as defined in the document "Context Analysis," and fully supports the strategic directions aimed at providing innovative digital solutions, marketing services, and global sourcing.

INVTRADE S.R.L., through the commitment of Top Management and its entire structure, is committed to:

• Ensure Quality and Customer Satisfaction: Provide software development, digital marketing, and global sourcing services that meet or exceed customer expectations, working to solve their business problems and supporting them in their growth.
• Protecting Information Security: Safeguarding the confidentiality, integrity, and availability of one's own information assets and those of stakeholders, managing risks, and preventing security incidents. The principles and specific objectives are further detailed in the "POL Information Security Policy."
• Meet Applicable Requirements: Comply with all applicable requirements, including laws, regulations, and contractual obligations related to service quality and information security.
• Promote Continuous Improvement: Constantly improve the effectiveness of the Integrated Management System (Quality and Information Security) through performance monitoring, data analysis, and periodic review, as defined in the procedure "PRO Management Review Management".
• Provide a Framework for Objectives: Use this policy as a reference framework to establish and review objectives for quality and information security. These objectives are defined, planned, and monitored as described in the document "PRO Objectives and Planning for Their Achievement".

The Top Management ensures that this policy is maintained as documented information in accordance with the "PRO Documented Information Management Procedure," communicated and understood within the organization. The Management System Manager is responsible for ensuring its dissemination and application. The policy is also made available to relevant interested parties, as deemed appropriate by the Management.

Archiving and updates

This document is managed as documented information and is subject to periodic review by Top Management to ensure its continued suitability. Updates are made in accordance with the documented information management procedure to ensure controlled distribution..

Reference documents

• Context Analysis
• POL Information Security Policy
• PRO Management Review
• PRO Objectives and planning for their achievement
• PRO Procedure for Managing Documented Information