Security · ISO/IEC 27001:2022

Security Policy.

Information Security Policy aligned with the ISO/IEC 27001:2022 standard, guiding our actions to protect the confidentiality, integrity and availability of our clients' data.

Effective: Nov 28, 2025 — Nov 27, 2028Certificate: ECMX-SI-0034/25

Information Security Policy

At SYAD Organización Integral de Negocios, S.A. de C.V., we recognize that information is one of the most valuable assets of our organization and of our clients.

For this reason, we have established an Information Security Management System (ISMS) aligned with the international standard ISO/IEC 27001:2022, which guides our actions to protect the confidentiality, integrity and availability of our clients' data.

Our security stance

SYAD's Senior Management assumes, promotes and oversees the commitment to:

  • Protect information and digital assets related to our iVal platform and the services we offer.
  • Comply with all applicable legal, regulatory, contractual and normative requirements.
  • Establish clear security objectives and review them periodically to ensure compliance.
  • Foster an organizational culture of awareness and responsibility in information security among all our employees and strategic partners.
  • Continuously improve our ISMS, adapting to technological, regulatory and business environment changes.

Our security objectives

  • Disseminate and reinforce the security culture throughout the organization.
  • Ensure the availability of business-critical information.
  • Maintain the effectiveness of controls and best practices in data protection and cybersecurity capabilities.

Transparency and trust

This policy is approved by SYAD's Senior Management and is available to employees, clients, partners and interested parties. It is reviewed periodically and updated whenever the organizational, technological or regulatory context requires it.

At SYAD, information security is not merely a requirement — it is a formal commitment to the trust of those who choose our services.

— General Management

ISO/IEC 27001:2022 Certification

SYAD holds an international certification issued by Applus México S.A. de C.V., a body accredited by the Mexican Accreditation Entity (Entidad Mexicana de Acreditación, EMA) under registration number 32/20.

Certified scope

Development of iVal modules, as well as consulting, implementation and maintenance services, in B2B enterprise environments across Mexico — LATAM — USA. This includes in-house software development, cloud infrastructure management (AWS) and related support services.

Certificate details

  • Standard: ISO/IEC 27001:2022
  • Certificate number: ECMX-SI-0034/25
  • Initial issue: November 28, 2025
  • Valid until: November 27, 2028
  • Statement of applicability: 01/07/2025
  • Auditor: Applus México S.A. de C.V. · Accredited by EMA · IAF

For security inquiries, vulnerability reports or access to the ISMS system, contact customer.support@syad.com.mx.