In line with our policies, we adopted the Comprehensive Risk Management model of our parent company, which provides a focus for continuous improvement and effective risk management in a systematic and transversal manner for TGI. Based on the ISO 31000:2018 standard, this model establishes the reference frameworks to identify and assess the risks related to the activities of our business and to be able to implement the necessary actions to mitigate them.
We have an Information Security Model
This Information Security Model (MSPI) seeks to protect the Confidentiality, Integrity and Availability of information assets, for its Administrative Headquarters located at Carrera 9 No. 73-44 in Bogotá, and all other headquarters nationwide. , which has the support of Senior Management to guarantee the necessary resources for the continuous improvement of the model, and to demand compliance with the guidelines, policies and other security guidelines that are defined, which must be known, understood and accepted by all interested parties of the Information Security and Privacy Model (MSPI).
As a fundamental part of the Information Security and Privacy Model (MSPI), there is an internal regulation that provides TGI S.A. ESP., the guidelines, guidelines and guidance regarding information security and the proper use of information assets, seeking to preserve the confidentiality, integrity, availability and privacy of information.
In reference to the possible anomalous event that may occur, TGI S.A ESP has the management of information security incidents duly documented and socialized to the organization in the different data for awareness.
M-ADI-006 Modelo de Seguridad y Privacidad de la Información (MSPI).pdf
A continuous and controlled information security culture is promoted, where all members of TGI S.A. ESP, contractors and third parties understand the importance of this in accordance with technological advances, emerging threats and are aware of their responsibility in protecting the confidentiality, integrity and availability of information assets both physically and in cyberspace.