SGI Management Policy

Purpose and Scope

Nethive SPA is a young, innovation-oriented company, built on passion and consolidated experience in:

Design, development, and integration of hardware and software solutions in data processing and communication infrastructures; help-desk service delivery for the aforementioned solutions. Delivery of consultancy services in network and IT infrastructure security.

Specifically, Nethive SPA offers Cyber Security & Resilience services designed to ensure visibility of risk concentration areas by planning actions to address and mitigate them. We select the most suitable technologies for specific needs with our clients; through automation layers and managed services, we create trust that allows their use without worrying about effort. Thanks to investment in an end-2-end "Service Provider" infrastructure, we offer innovative and quality services that are easily accessible to the client.

Objectives

This policy defines the overall objectives that Nethive SPA's Management sets in carrying out its activities, for which the Integrated Management Systems (IMS) implemented serve as guidelines: client service quality is fundamental for Nethive SPA and its collaborators, with whom this policy is shared, and for whom constant sharing of objectives and necessary training is provided.
Nethive SPA's management promotes a policy that places the client and their satisfaction at the center of all service delivery, maintaining focus on ISO 9001:2015 principles. In a dynamic and demanding market that allows fewer errors, response capability to rapid evolution and technology innovation are just some of the daily discussion topics with clients, along with information protection, which is always central to all activities and supported by ISO 27001:2013 policies and controls.
Considering that Nethive SPA provides Cyber Security services to its clients, it's essential to lead by example by applying Information Security best practices, always considering risks in all activities, including but not limited to information security and protection. Nethive SPA makes its Integrated Management System (IMS) policy known to all stakeholders, committing to:

  1. ensure all workers are trained, informed, and aware of performing their tasks as planned, in response to policies, and securely regarding information confidentiality, integrity, and availability;
  2. maintain constant preparation and willingness for continuous improvement of processes and activities;
  3. provide necessary human and instrumental resources in reasonable timeframes;
  4. involve the entire corporate structure in achieving quality, confidentiality, integrity, availability, and security objectives for information and personal data:
    • comply with all applicable laws and regulations, formulate procedures, and adhere to identified company standards;
    • manage activities to prevent Information security incidents, Data Breaches regarding personal data, and non-conformities with procedures, contracts, and client expectations;
    • maintain organized and punctual system management with planned Audits and periodic management reviews in both certification areas;
    • provide objective evidence of activities as required by the system, and spread certainty that any non-conformities can become improvement opportunities.
  5. periodically review objectives, Management Systems implemented for 9001 and 27001 standards, and this related policy;
  6. maintain open dialogue with suppliers and collaborators, engaging them to implement behaviors consistent with this policy.

Risk, Context, and Stakeholder analysis is fundamental to certifications: every improvement is inseparably connected to clear and detailed knowledge of our service delivery processes. Management promotes maintaining organizational certifications and considers it essential that its resources share their spirit and objectives, aware that a team can achieve results only when shared by all members. Through monitoring and constant analysis of stakeholder satisfaction, system, process, and service performance data, management defines objectives the organization must pursue to implement this document. It also considers maintaining a flexible organization essential to ensure prompt response to clients and stakeholders, with a lean and elastic organizational structure to guarantee easy adaptation to changing market demands. Continuous and constant monitoring of actual regulatory application is essential for service quality: corporate compliance means substantial respect for legislative requirements rather than formal observance.