Quality management system policy

v1 of July 14, 2025

Scope of Application

This policy defines SIINFO SRL’s commitment and strategic directions for the Integrated Management System. The document applies to all processes, activities, and resources of the organization involved in the provision of IT consulting and data management services, with the aim of ensuring service quality and information security in accordance with reference standards.

Regulatory References

• ISO/IEC 27001:2022: Information security management systems — Requirements.

• ISO 9001:2015: Quality management systems — Requirements.

• Regulation (EU) 2016/679 (GDPR): General Data Protection Regulation.

• Legislative Decree 30 June 2003, No. 196: Personal Data Protection Code, as amended.

Terms and Definitions

• Confidentiality: The right that information not be made available or disclosed to unauthorized individuals, entities, or processes.

• Integrity: The property of accuracy and completeness of information.

• Availability: The property of being accessible and usable upon request by an authorized entity.

• Interested Party: A person or organization that can influence, be influenced, or perceive itself to be influenced by a decision or activity.

Roles and Responsibilities

• Top Management: Establishes, implements, and supports the management system policy, ensuring alignment with the company’s strategic vision. It ensures the availability of necessary resources, promotes a culture focused on quality and safety, and periodically reviews the system’s effectiveness to foster continuous improvement.

Management System Commitment and Objectives

SIINFO SRL’s top management, in line with its mission and strategic vision, establishes, implements, and supports this Integrated Management System Policy, which complies with the requirements of ISO 9001 and ISO/IEC 27001 standards. This policy represents the organization’s formal commitment to the quality of services provided and information security, considered strategic drivers for success in the IT consulting and data management sector.

Top Management is committed to:

• Customer Focus and Service Quality: Ensure maximum customer satisfaction through the provision of consulting services and IT solutions (Data Integration, Data Analytics, Cloud Solutions, Software Development) that fully meet their explicit and implicit requirements, effectively supporting them in their digital transformation journey.

• Information Asset Protection: Ensure the confidentiality, integrity, and availability of all information processed, including company-owned information and information entrusted by customers and partners. Data protection is a fundamental principle integrated into all company processes, particularly in the development and delivery of services.

• Satisfaction of Applicable Requirements: Comply with all relevant laws, regulations, and contractual obligations regarding information quality and security, maintaining constant monitoring of regulatory compliance.

• Continuous Improvement: Promote a culture of continuous improvement in the effectiveness of the Integrated Management System. This commitment is implemented through performance measurement, risk and opportunity analysis, and the definition of improvement actions.

• Definition of Measurable Objectives: Use this policy as a framework for establishing and periodically reviewing measurable objectives for information quality and security. The definition and planning of these objectives are managed as described in the document “PRO Objectives and Planning for Their Achievement.”

• Resource Allocation: Ensure the availability of the human, technological, and financial resources necessary to effectively implement, maintain, and improve the Integrated Management System.

Top Management ensures that this policy is maintained as documented information, communicated to all personnel, and understood and applied at all levels of the organization. It will also be made available to relevant stakeholders, where appropriate. The adequacy and effectiveness of the policy are systematically reviewed during management reviews, formalized in the document “PRO Management Management Review.”

Archiving and Updates

This document is managed as controlled documented information within the Integrated Management System. It is archived in digital format and made accessible to relevant personnel. Its adequacy is reviewed periodically, including during management reviews, and updated whenever significant changes occur in the business, regulatory, or strategic context.

Reference Documents

• PRO Objectives and planning for their achievement

• PRO Management Management Review

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Quality management system policy

Get In Touch

Contact Info

Phone Number

Email address

Address info

Working Hours