Quality, Environment, Health and Security and Information Security Policy
Gaptek is a company specialized in the design and development of conceptual structures to provide a strategic solution to the integral problems of our clients, taking into consideration sustainability, recycling, versatility and economy.
GAPTEK’s raison d’être allows us to focus our development in the needs and expectations of our clients, while searching new products that respect the current legal framework and other requirements that the organization decides to subscribe voluntarily. We also continuously work to improve the effectiveness of our quality management system, environment, safety and health and information security based on the standards of ISO9001, ISO14001, ISO 45001 and ISO27001 in the scope of design, production management, assembly, of the assembly and commercialization of deployable buildings for military and civil uses.
That is why GAPTEK has the highest demands in terms of building regulations, technical building code (CTE), military standards (NATO) and EUROCÓDIGOS to develop its products adapting the technology of light structures to this new product concept. Our position of leadership in the sector is due to our level of quality in our products: light, speed of installation and durability, with the purpose to meet the needs of our customers.
The organization will publicly commit itself to prevent the pollution generated by its operations and products, including strategies against climate change, as well as to continuously improve its environmental performance favoring the global aim of sustainable development, as well as a commitment to eliminate the dangers and reduce risks and the consultation and participation of workers without forgetting a commitment to provide safe and healthy working conditions for the prevention of work-related injuries and health deterioration.
GAPTEK considers information as a fundamental asset for the development of business activity and efficient decision-making; consequently, it undertakes to define and implement a management system that allows it to comply with the requirements applicable to information security, guaranteeing the integrity, confidentiality and availability of the information.
Aware of its current needs, GAPTEK implements an information security management model as the tool to identify and minimize the risks to which information is exposed, helps reduce operational and financial costs, establishes a culture of safety and guarantees compliance with current legal, contractual, regulatory and business requirements. The risk analysis process of the information assets is the support for the development of the Information Security Policies and of the controls and control objectives selected to obtain the levels of protection expected in GAPTEK; This process will be led permanently by the Information Security Manager.
GAPTEK is committed to monitoring, control and evaluation of information security risks, on a regular basis by the Information Security Manager, also within the continuous process of improvement of the organization, established in the standard implemented ISO9001 , the necessary actions will be carried out to improve the management system of information security.
GAPTEK establishes the following guidelines and objectives to guarantee the protection of its information assets:
- The Information Security Committee, led by the security officer, will be in charge of maintaining, reviewing and improving the Information Management System.
- The information assets of GAPTEK will be identified and classified to establish protection mechanisms.
- GAPTEK will define and implement controls to protect the information against unauthorized access, the loss of integrity, and the availability required by customers, suppliers and workers.
- All GAPTEK workers will be responsible for protecting the information they access and process, to avoid loss, alteration, destruction or misuse, they will also inform the Security Manager about any circumstance that may involve the partial or total loss of the integrity, confidentiality or availability of information.
This policy will be reviewed regularly as part of the management review process, or when changes are identified in the business, its structure, objectives or any condition that affects the policy, to ensure that it remains adequate and adjusted to the identified requirements.