Nuestra Empresa - ISA

Information and Knowledge Policy

Towards the strategic assessment of knowledge assets

ISA Economic Group

August 24, 2006

Introduction

In virtue of this policy, Grupo ISA Companies declare the criteria and define the framework for action concerning the management of information and knowledge as strategic assets of the organization. 

By disclosing this policy, Grupo ISA Companies are reassuring:

Their conviction that information and knowledge have a strategic value; thus they are protected, managed and reinforced as intangible assets.

Their commitment to respect intellectual property in such terms defined by law.

Their commitment and scope with different groups of interest regarding access and disclosure of information held by the organization in furtherance of its activities.

The significance of information and knowledge for building synergies between the Group companies.

Their approach towards the fostering and development of a safe information culture.

Reasoning

The new and permanent challenges imposed by a highly competitive economy bearing a global knowledge have made information and knowledge becoming determinant assets for business growth.

To take on this reality, Grupo ISA Companies establish criteria to generate, manage, preserve and protect these strategic assets on an efficient basis in order to contribute with organizational growth and improvement and the execution of strategies and optimum continuity of the Group companies’ operation.

Likewise, the commitment with our different Groups of Interest requires defining criteria related with the exchange of information with them purported to satisfy mutual interests.

The need of diminishing uncertainty and ambiguity regarding information and knowledge flows as a basis for each company’s operational efficiency and the construction of synergies within the Group.

Concept outline

Information:

Set of context data contained in different means (paper, records, pictures, videos, audio, optical, digital means, among others), which meaning and sense is given by the Group’s and each affiliate’s guidelines. 

Criteria for assessing information 

  • Availability: It refers to the existence and accessibility of information at the required time and place and liable of being recoverable under any event.
  • Integrity: It refers to the accuracy and completeness of information. It guarantees that information stored contains all critical data required for the business, as well as the fact it truly reflects its situation.
 
  • Confidentiality: It guarantees that information is available only for the relevant people.
  • Transparency and confidentiality: Compliance with regulations and commitments undertaken by the company and full guarantee it is accurate and verifiable.

Classification of Information

  • Public: Public information is such not defined otherwise as confidential and which has been disclosed or delivered by the Company. Its publication or distribution does not involve any risk for business processes or systems.
  • Confidential: Confidential information is such which publishing or distribution endangers the entity or jeopardizes corporate or competitive strategies of the organization.

It refers to such matters of exclusive competence of managers or information related with the company’s industrial secrets, its competitive advantage, its corporate strategy, its competition, prices and campaigns, or, if disclosed, may be used in detriment of the company, and any other information regarded as such by legal provisions.  

Such proprietary information from third parties used by the Company under confidentiality or use license agreements is also included under this category, as well as information on the company’s employees. 

Knowledge:

It is the concurrent interaction of information, experience, values and know-how used in day-to-day processes and operations as a framework to incorporate experience and useful information for business actions. It is understood that knowledge is generated by people as the result of transforming passive data into active information, which meaning and sense is given by the business setting. 

Public:

Groups of interest:

Set of people, organizations and institutions with which the company builds and shares common interests. 

Stakeholders:

Specific actors holding the interest and capacity to affect business objectives and resources under specific circumstances. 

General public:

Set or group of people subject to a communication action by the Company.

Legal reference framework

Grupo ISA Companies follow, respect and apply all legal provisions concerning Intellectual Property, exchange and management of standing information at each country where it is present; likewise, they apply all relevant bilateral and multilateral conventions, agreements and treaties. Grupo ISA commits itself on honoring agreements held with minority shareholders, as the case may be.

Scope

Within the management of their internal processes and relationship with its public, Grupo ISA Companies value and protect information and knowledge as strategic assets.

Information flows are consistent with the accomplishment of legal commitments and respond to the business

Undertakings with its public, under respect and protection of intellectual property. 

Framework for action

Property

Grupo ISA Companies legally protect products, processes and information of their own, based on industrial or commercial application criteria. The moral rights on such scientific works, computer tools or software, products, procedures or in general, assets related with information and knowledge for Grupo ISA Companies produced by workers within the course of their work, will belong to such workers. Workers will expressly assign their economic rights or business exploitation to the company, thereby being entitled to register the same on its behalf, in accordance with the laws in effect.

Directors are responsible for identifying such assets to be protected and to take any measures required to safeguard intellectual property based on the regulations in effect and in accordance with such procedures defined for said purpose.

Any agreements entered into with third parties include clauses defining the ownership and the business exploitation rights of information received or delivered by the Company, and such agreements concerning information, software, products, procedures or knowledge used or generated for their development. This is applicable to all agreements, contracts and conventions, including those entered into with institutes, research groups, universities and students.

The unlawful use of third party-proprietary information within the Group companies’ internal processes is prohibited. Workers incurring in this practice are personally responsible for any disciplinary, administrative, tax or criminal consequences deriving thereupon. The Group companies define and disclose to workers the criteria to prevent any unlawful use of third party-proprietary information.

Protection and safety

Each Grupo ISA Companies’ worker is responsible for proper preservation, protection and use of information and knowledge generated within the course of his/her job tasks. The Group companies provide the necessary means to allow protecting and preserving information. Grupo ISA Companies’ employees will enter into confidentiality agreements in such cases where additional secrecy is required on information received in virtue of their duties, which agreement is incorporated into the employment agreement.

Grupo ISA Companies define and take any measures for protecting information against incidents and non-authorized accesses through like networks or mechanisms. These measures are aimed to guarantee the companies’ ongoing processes and operations.

Each company’s organizational units may restrict access to such information they believe is particularly sensitive for the company’s interests through internal procedures defined for such purpose. Confidential information is identified as such. The executive officer responsible for the process is competent to declare any information as confidential.  

Grupo ISA Companies define the guidelines and schemes required to foster generation, application, transfer and preservation of knowledge.

External Flow (disclosure to different Groups of Interest, Stakeholders and Public in general)

Grupo ISA Companies deliver any information that results relevant and required for account-rendering in connection with their performance with different Groups of Interest through the annual report and the corporate social responsibility report.

Information is disclosed to such companies providing services to Grupo ISA Companies in order to facilitate or allow the performance of the corresponding agreements. Companies providing services are responsible for the handling and absolute secrecy on information to which they have access under the relevant agreements. These responsibilities are clearly provided in the relevant agreements and, if necessary, they are recorded in writing at the time of disclosing information. 

Grupo ISA Companies reply to any information requirements as per such terms or deadlines defined by the Group Companies, any regulation or Law. Information disclosed corresponds to that being required as per the availability and nature thereof. As a general rule, the supply of information to third parties is conducted through the executive officers responsible for the processes managing such information through the area responsible for its disclosure or commercialization or those appointed by the companies for such effect.

When disclosing information to third parties, it is necessary to asses the consequences of such disclosure, abstain of doing so if it is deemed that will negatively affect the Organization and, in any case, become responsible for the delivery. The Group’s companies define and inform the criteria for disclosing information to third parties.

Information disclosed to media should meet the information assessment criteria and should be provided on a centralized basis by the area responsible for media affairs.

Grupo ISA Companies is not responsible for any consequences to third parties deriving upon the use of information disclosed by them. Provided it is relevant, information disclosed to third parties will include a disclaimer in this connection.

Grupo ISA Companies may commercialize any information arising upon the course of their activities, provided they own the commercial exploitation rights on the same. For such effect, they will carry out due protection on intellectual property before the relevant authority through the Company’s legal area.

Grupo ISA Companies abstain from disclosing to third parties, under any title, any information received for their internal use from suppliers, consultants, speakers, etc., on which there are no commercial exploitation rights. 

Internal Flow 

Exchange of information and transfer of knowledge between Grupo ISA Companies respond to the following purposes: compliance with legal obligations, search for unit of purpose, search for unit of management, construction and exploitation of synergies and compliance with commercial relationships set between companies.

Information flow inside each company corresponds to the natural interactions existing under the processes, without any restrictions or omissions. This includes confidential information. Grupo ISA Companies define the mechanisms to follow the transfer and treatment of information and knowledge.