1. Quality Policy

Adam, as a company with extensive experience in information technology, understands the importance of ensuring Quality in the Data Center Services, associated Communications, and IAAS it provides to its clients. For this reason, it has developed the present Quality Policy, which aligns the company’s Quality objectives with its strategic objectives, business requirements, and the needs of clients and stakeholders, aiming to guarantee customer satisfaction.
The Quality Policy is implemented through Policies, Processes, Procedures, Standards, Guidelines, Work Instructions, and Quality Standards, which define how the Quality Policy applies to the company’s Process Map.
The ultimate goal of the Quality Policy is to strengthen Adam’s commitment to its clients by continually improving the level of service provided, strictly complying with current legislation, and enhancing internal processes, always in accordance with legally established rights.

Adam’s management explicitly acknowledges and approves the policies and standards outlined in these documents, requiring all personnel to understand and apply them as part of their roles within the company.
To effectively implement the Quality Policy, the management will provide the necessary resources for its successful development, encompassing implementation, operation, and improvement activities related to this policy and the processes established over time.

Customer satisfaction is vital to properly align with business objectives. To this end, a Quality Management System (QMS) has been established, implementing all the processes needed to define how services and products are delivered. The Quality Management System is continuously updated and improved to meet business needs, client requirements, and stakeholder expectations. Periodic objectives are set, and business processes are regularly evaluated.
The Quality Management System is reviewed annually or whenever a significant business change occurs.

The implemented, operated, and improved Quality Management System, based on the EN ISO 9001 standard, ensures:

  • Context establishment and maintenance, determining the needs and expectations of stakeholders.
  • Assignment of roles, responsibilities, and authorities.
  • Setting objectives for the Quality Management System, aligned with strategic goals.
  • Establishment of indicators to measure process performance, with regular analysis and evaluation.
  • A risk management criterion for business risks.
  • Training and awareness of all staff regarding quality and customer satisfaction.
  • Operation of the management system based on approved documented information, policies, processes, procedures, etc.
  • Verification of compliance through external audits, goal and indicator monitoring, and management reviews.
  • Correction of nonconformities and complaints through corrective actions and evaluation of their outcomes.
  • Continuous improvement of the Quality Management System.

2. Information Security Policy

Adam, as a company with extensive experience in information technologies and information asset management, recognizes the critical importance of Information Security for its business activities, particularly in providing Data Center Services, associated Communications, and IAAS. Therefore, it has developed this Information Security Policy, which aligns the company’s Security objectives with strategic goals, business requirements, and the needs of clients and stakeholders, aiming to ensure the confidentiality, integrity, and availability of its information assets and those of its clients.

The Information Security Policy is implemented through Policies, Processes, Procedures, Standards, Guidelines, Work Instructions, and Security Standards, specifying how the policy applies to various company information assets and processes to achieve the required levels for fulfilling organizational security and business objectives.

The ultimate goal of the Information Security Policy is to reinforce Adam’s commitment to its clients, expressed through continuous improvement in service levels, strict compliance with current legislation, and the protection of current and future clients’ information assets, always in line with legally established rights.

Adam’s management explicitly acknowledges and approves the policies and standards outlined in these documents, requiring all personnel to understand and apply them as part of their roles within the company.

To effectively implement the Information Security Policy, management will allocate the necessary resources to ensure its development, including implementation, operation, and improvement activities and the security controls established over time.

Protecting Adam’s and its clients’ information assets is essential to properly align with business objectives. To this end, an Information Security Management System (ISMS) has been established, implementing all processes and controls needed to protect information assets.

The ISMS is continuously updated and improved to meet the needs of the business, clients, and stakeholders. New objectives are periodically set, and business processes are regularly evaluated. The ISMS is reviewed annually or when a significant business change occurs.

The implemented, operated, and improved ISMS, based on ISO/IEC 27001 and the ENS (National Security Framework), ensures:

  • Context establishment and maintenance, determining the needs and expectations of stakeholders.
  • Assignment of roles, responsibilities, and authorities.
  • Setting objectives for the ISMS aligned with strategic goals.
  • Establishment of indicators to measure control performance, with regular analysis and evaluation.
  • A risk criterion for identifying, analyzing, evaluating, and treating risks.
  • Training and awareness of all personnel regarding Information Security policies and measures (e.g., access control, physical security, malware prevention, backup management, information classification, information processing, business continuity).
  • Operation of the management system based on approved documented information, policies, processes, procedures, etc.
  • Verification of compliance through external audits, goal and indicator monitoring, and management reviews.
  • Correction of nonconformities and complaints through corrective actions and evaluation of their outcomes.
  • Continuous improvement of the ISMS.

3. Business Continuity Policy.

Adam, as a company with extensive experience in information technology and information asset management, recognizes the importance of business continuity for its operations, particularly in providing Data Center Services, associated Communications, and IAAS. For this reason, it has developed this Business Continuity Policy, which aligns the company’s Business Continuity objectives with its strategic goals, business requirements, and the needs of clients and stakeholders, aiming to ensure the continuity, confidentiality, integrity, and availability of its information assets and those of its clients.

The Business Continuity Policy is implemented through Policies, Processes, Plans, Procedures, Standards, Guidelines, and Work Instructions to respond effectively to any disruption, minimizing the impact on the organization’s operations until normalcy is fully restored.
The ultimate goal of the Business Continuity Policy is the safety and protection of personnel during contingency, disruptive situations, and normal operations of the organization.

The principles of the Business Continuity Policy are endorsed and driven by management, which provides the necessary means and resources to ensure compliance. These principles are made publicly available through the present Quality, Information Security, and Business Continuity Policies. The principles are developed considering Adam’s business risks and needs. Through this Business Continuity Policy, the company ensures that critical services and processes are recovered within the timeframes and margins established in the business continuity plan.

Adam’s Management and Security Committee explicitly declare their knowledge and approval of the policies and regulations outlined in these documents, requiring all personnel to understand and apply them as part of their roles within the company. They are responsible for promoting the implementation, coordination, and development of the company’s business continuity plans and activities, taking into account risk assessments, critical processes, and services. Additionally, they ensure that all organization personnel are involved in the plans, procedures, and work instructions.

The Business Continuity Management System (BCMS) is continuously updated and improved. New objectives are periodically set, and business processes are regularly evaluated.

The implemented, operated, and improved Business Continuity Management System, based on the ISO 22301 standard, ensures:

  • Context establishment and maintenance, determining the needs and expectations of stakeholders.
  • Assignment of roles, responsibilities, and authorities.
  • Setting objectives for the Business Continuity Management System aligned with strategic goals.
  • Establishment of indicators to measure control performance, with regular analysis and evaluation.
  • A risk criterion for identifying, analyzing, evaluating, and addressing risks.
  • Training and awareness for all personnel regarding Business Continuity Plans, policies, procedures, and instructions implemented at Adam.
  • Operation of the management system based on approved documented information, policies, processes, procedures, etc.
  • Conducting a Business Impact Analysis (BIA) and risk evaluation.
  • Development of business continuity strategies, solutions, and plans.
  • Verification of compliance through internal and external audits, monitoring objectives and indicators, and management reviews.
  • Correction of nonconformities and complaints through corrective actions and evaluation of their outcomes.
  • Continuous improvement of the Business Continuity Management System.

4. Service Management Policy

Adam, as a company with extensive experience in information technology, recognizes the importance of ensuring effective management of its services: Data Center, associated Communications, and IAAS, provided to its clients. For this reason, it has developed this Service Management Policy, which aligns the company’s Service Management objectives with its strategic goals, business requirements, and the needs of clients and stakeholders to ensure customer satisfaction.

Service Management is implemented through Policies, Processes, Procedures, Standards, Guidelines, and Work Instructions, specifying how Service Management applies to the various services and processes of the company. This ensures that required levels are achieved across all areas to meet the overall management and improvement objectives for the services provided by the business.

The ultimate goal of Service Management is to strengthen Adam’s commitment to its clients through continuous improvement of the service level provided, strict compliance with current legislation, and the continuous improvement of internal processes, always in accordance with legally established rights.

Adam’s management explicitly acknowledges and approves the policies and regulations outlined in these documents, requiring all personnel to understand and apply them as part of their roles within the company.

To effectively implement the Service Management Policy, management will allocate the necessary resources for its development, including implementation, operation, and improvement activities related to this policy and the processes established over time.

Customer satisfaction is critical for proper alignment with business objectives. To this end, a Service Management System (SMS) has been established, implementing all the necessary processes to define how services and products are delivered.

This system is continuously updated and improved to meet the needs of the business, clients, and stakeholders. New objectives are periodically set, and business processes are regularly evaluated. The system is reviewed annually or whenever a significant business change occurs.

The implemented, operated, and improved Service Management System, based on the EN ISO 20000 standard, ensures:

  • Context establishment and maintenance, determining the needs and expectations of stakeholders.
  • Assignment of roles, responsibilities, and authorities.
  • Setting objectives for the Service Management System aligned with strategic goals.
  • Establishment of indicators to measure process performance, with regular analysis and evaluation.
  • A risk management criterion for business risks.
  • Training and awareness for all personnel regarding Service Management, including policies, procedures, plans, etc., implemented at Adam.
  • Operation of the management system based on approved documented information, policies, processes, procedures, etc.
  • Effective and efficient delivery of services provided to clients within a lifecycle that enables continuous improvement of the implemented processes.
  • Assurance that the requirements agreed upon in Service Level Agreements (SLAs) with clients are met and maintained.
  • Assurance that all services documented in the service catalog and within the system’s scope are managed to ensure deadlines, prompt responses, high quality, and customer satisfaction.
  • Verification of compliance through external audits, monitoring objectives and indicators, and management reviews.
  • Correction of nonconformities and complaints through corrective actions and evaluation of their outcomes.
  • Continuous improvement of the Service Management System.

Last revision: 01/03/2024