
Security


Zucchetti S.p.A. Information Security Policy


The security and protection of information assets are essential conditions for achieving the business objectives of Zucchetti S.p.A.


In consideration of this, the conduct of business activities must always ensure adequate levels of availability, integrity, and confidentiality of information through the adoption of a formal "Information Security Management System" (ISMS) in line with the requirements expected by Zucchetti's stakeholders and in compliance with applicable regulations.
In particular, the system is applied:

  • in the digital preservation of electronic documents, ensuring long-term preservation;
  • in the data center area, ensuring best practices in the management of systems and infrastructures necessary for processing client business data, which may be subject to mandatory regulations;
  • in the provision of trust services (timestamping, certificates for signing keys) as a Certification Authority;
  • to HR solutions for personnel management, including the design, development, and maintenance of software products, related post-sales services for professionals and companies, and finally, the creation, delivery, and management of the SaaS/PaaS service for these solutions;
  • to accounting and tax solutions, including the design, development, and maintenance of software products, related post-sales services for accounting firms and trade associations, and finally, the creation, delivery, and management of the SaaS/PaaS service for these solutions.

The general objectives of the ISMS pursued with the commitment of the designated responsible person are:

  • to demonstrate to the market the ability to consistently provide secure products/services, maximizing business objectives;
  • to minimize the risk of data loss and customer data unavailability, by planning and managing activities to ensure service continuity and implementing all necessary actions to prevent corruption or inappropriate disclosure of such data;
  • to conduct an appropriate risk analysis, determining the value of the information resources involved, and assessing the resulting risk by examining associated vulnerabilities and threats;
  • to comply with applicable laws and regulations, contractual requirements, corporate standards, and procedures;
  • to promote collaboration, understanding, and awareness of the ISMS among strategic suppliers;
  • to comply with the principles and controls established by ISO/IEC 27001 or other standards/regulations governing the business activities in which the company operates;
  • to pursue continuous improvement.

In addition, there are the specific objectives of the Preservation System:

  • meet the needs of the designated community through the proper handling of information (based on its value, legal requirements, sensitivity, and criticality);
  • monitor and control the security of the information systems supporting the Preservation System, minimizing residual risk, ensuring business continuity, and meeting privacy and personal data protection requirements;
  • follow and implement the guidelines provided in the Preservation Manual;
  • anticipate and, if necessary, implement succession plans, emergency plans, and third-party outsourcing plans in the event of service termination.

The achievement of these objectives is entrusted to the designated Preservation Service Manager. In pursuing them, the Preservation Service Manager is authorized and delegated to draft one or more Security Policies related to specific topics concerning the Preservation System, committing to ensure their consistency with this Policy.


In order to promote and facilitate the implementation of policy objectives, an interfunctional working group is established to manage the activities necessary to ensure information security.


The objectives of the working group are to promote security, identify and define goals, ensure commitment and availability of resources for protective actions, provide staff training, and periodically review or assess the system during significant events.


All personnel, within the scope of their respective responsibilities, are involved in reporting any incidents encountered and any weaknesses identified in the ISMS.


The entire organization is committed to supporting the implementation, deployment, and periodic review of the ISMS.


The company’s leadership is committed to pursuing the objectives of this policy with the appropriate means and resources.