SGI POLICY
Our commitment to quality, safety and the environment
At Add Value we believe that the excellence of our services stems from a constant commitment to quality, social responsibility and environmental sustainability.
Our SGI Policy is the reference point that guides all our activities, decisions and projects. It's not just a formal requirement: it's our conscious choice to generate real value, for our customers, for our team and for the world in which we operate.
Basics
1. Quality objectives:
- Add Value is a company that has been presenting a controlled growth of its market for years through the creation of strong impulses of collaboration and consultancy support to its customers; the orientation towards quality is one of the main indicators that qualify Add Value towards stakeholders.
- To consolidate and develop this potential in the best possible way, Add Value has decided to undertake an organizational effort by starting a careful and timely analysis of all the functions within its structure. This process has made it possible to define a new company organization.
- Add Value has decided to certify its Organizational System according to an Integrated System between the ISO 9001:2015 and ISO 27001:2013 standards in order to guarantee excellent quality standards to all stakeholders. During 2024, ADD Value adopted the new 2022 version of the ISO/IEC 27001 standard.
2. Information Security Goals:
- Information security is essential to mitigate the risks associated with high-risk services and maintain the organization's competitive positioning. It is essential to ensure the confidentiality, integrity and availability of information, regardless of its format, through appropriate controls and access limited to authorized persons only.
- Constant technology monitoring measures and regulatory updates must be implemented, supported by business continuity plans and staff training.
- You also need to separate critical tasks, reduce risk at source, and promptly handle any breaches or incidents, including excluding unauthorized non-compliant software.
3. ESG objectives:
- ADD VALUE intends to make the value of ESG objectives strategic by integrating them into the complete analysis of business processes. It intends to integrate the organizational model by evaluating the main KPIs to make the company increasingly compliant with modern schemes that take into account environmental, social and governance issues.
- The evaluation of KPIs will be integrated into the actions that lead to the determination of corporate objectives with constant monitoring of the points indicated by the new sustainability regulations introduced by Accredia.
- ISO/IEC 27017:2015 - Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services;
- ISO/IEC 27018:2019 - Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.
- From the point of view of the Information Security aspects applicable to the cloud context, ADD Value has decided to adopt an approach aimed at adequately overseeing both the dimension of Cloud Services Customer and the Cloud Service Provider dimension on behalf of its Customers
Our daily commitment
The entire Add Value team is involved in the Integrated Management System, through
- The adoption of internationally recognized standards, such as:
- ISO 9001:2015 for quality management.
- ISO/IEC 27001:2013 for information security management.
- ISO/IEC 27017 for security controls specific to cloud services.
- ISO/IEC 27018 for the protection of personal information in public cloud services.
- The definition of measurable annual objectives in terms of quality, safety and sustainability.
- Periodic review of our policies, to ensure maximum effectiveness and consistency at all times.