1.1. – IT Service Management Policies
In addition to the Mission, Values and Principles, Strategy and Vision globally established in the Quality and Environment Policy of COMPTA organization, in the IT field, those Policies are complemented by:
- Add value, providing IT service and solutions, meeting the specific needs of each Customer, in line with the highest standards of quality, availability and technological development, and in accordance with the requirements of the ISO 20000-1 standard.
- Develop and manage service and solutions, with a firm commitment and follow the guidelines expressed in the Code of Practice set out in part 2 of the ISO 20000 reference standard, as well as in accordance with the Scope and Applicability Guide (Guidance on Scope Definition and Applicability) expressed in the 3rd part of that standard.
COMPTA also defines the following partial policies:
1.1.1. – Information Security Policies
Ensure information security throughout the business cycle, from the planning of new services / fetures, through compliance with laws and regulations, risk assessment, accessibility control, capacity and business continuity, in order to ensure the integrity, availability and confidentiality of information.
Ensure the protection of your organization’s resident server information against internal and / or external threats, whether deliberate or accidental, in terms of storage (physical and logical), access, transmission and operation of data, by controlling risks Identified and evaluated, which are listed in the “COMPTA Risk Table”, in accordance with the requirements of the ISO 27001 standard.
Establish as a policy for the costing and budgeting of IT services a costing model that allows, in competitive conditions, better respond to the market demand’s, assuming the commitment to promote the financial sustainability of the business.
Ensure all aspects of release, from initial planning to distribution, testing and final installation, through a systematic control structure, including recording and archiving of the change or changes contained in the release.
Compta warrants that changes to services, their applications, and infrastructure are planned and controlled without unnecessary disruption.
Ensures that all changes are evaluated, approved, implemented, and reviewed in a controlled manner.
It establishes as a policy that emergency changes due to their exceptional characteristics should be treated differently. The responsibility to manage situations of this nature is the Director of the respective Area of responsibility, which establishes and communicates the actions to be developed, so that immediate and more critical needs are restored.
Ensure availability and continuity of service management in a reliable manner, ensuring that resource failures associated with the provision of IT services are efficiently managed, and the service levels replenished within the agreed SLAs, through Contingency Plans and Established for this purpose.
Ensure IT resources are adequate to service needs to ensure contracted levels.
In case the business evolution so determines, COMPTA will make available the resources in an appropriate way, taking into account the respective costing and budgeting.
In addition to the Mission, Values and Principles, Strategy and Vision globally established in the Quality and Environment Policy for the COMPTA organization, in the area of SGIDI, that Policy is complemented by:
• Research, develop and create innovative systems based on new technologies and / or disruptive approaches that add value and enable the transfer of knowledge between the parties involved.
• Design and develop CEB solutions, specially designed for the management of emerging businesses, assuming the firm commitment to follow the guidelines expressed in reference standard NP 4457.