Information Security

Our commitment to security

SparkFabrik SRL has established an Information Security Management System (ISMS) to protect the information assets of the company and its clients, ensuring confidentiality, integrity and availability of information.

The ISMS applies to all personnel, collaborators, processes and technologies of the organisation and complies with the following international standards:

• ISO/IEC 27001:2022: information security management systems
• ISO/IEC 27017:2015: information security controls for cloud services
• ISO/IEC 27018:2019: protection of personally identifiable information (PII) in public clouds

Core principles

Our management system is based on:

• Protection of information assets: confidentiality, integrity and availability of SparkFabrik’s and its clients’ information
• Risk management: systematic and continuous approach to identify, assess and treat information security threats
• Regulatory compliance: adherence to applicable legal, regulatory and contractual requirements, with particular attention to personal data protection (GDPR)
• Cloud security: secure management of cloud services, both as provider and consumer, with a shared responsibility model
• Continuous improvement: monitoring, periodic audits and management reviews

Policy documents

The following public documents describe the policies adopted by SparkFabrik:

• Management System Policy (PDF) - Strategic principles, commitments and objectives of the ISMS
• Information Security Policy (PDF) - Objectives, core principles and management commitment to information asset protection

Contact

For information about information security or to request additional documentation: admin@sparkfabrik.com