Information Security Policy

Politics: POL-01

REVIEW: 00

Entry into force: 16.11.2023

WOOTIS, deals with the remote management of wind and photovoltaic plants for this reason recognizes the importance of information security and implements an Information Security Management System in accordance with ISO 27001. It is committed to ensuring a level of security commensurate with the criticality and confidentiality of the information it manages.

To fulfill this commitment, WOOTIS:

• Ensures compliance with all legal requirements applicable to data security

• Ensure that Information Security Management decisions and activities take into account and balance the needs of all stakeholders, both inside and outside the organization

• Ensures alignment and coordination between all organizational functions affecting Information Security Management, including all work positions

• Ensures the continuous training of its staff and the coverage of work positions

• Formally assess risks and financial results when making decisions on information security management

• Promotes the timely identification of Information Security risks and their effective response.

• Committed to immediate response to Information Security incidents.

• Certifies that all decisions and activities of Information Security Management comply with its other policies, including, at least, those related to quality, health, safety, and the environment

• Ensures in the best possible way the achievement of Information Security objectives

• Maintains and preserves its equipment in such a way that it continues to meet the operational requirements during its expected life

• Ensures that sufficient resources are provided to enable the agreed objectives to be achieved

• Continuously improves the level of information security