At Atlas Cloud Services, the protection of information is a strategic priority. To ensure the confidentiality, integrity, and availability of the data we create, handle, and store, we have implemented a rigorous Information Security Management System (ISMS). This system is based on strong technical, organizational, administrative, and legal measures aimed at ensuring the security of all information, in compliance with applicable standards and regulations.
This security policy defines our commitment to protecting informational assets and maintaining a trustworthy environment for our clients, partners, and employees.
Atlas Cloud Services is the result of a strategic partnership between OCP and UM6P, with the ambition to:
- Drive the digital transformation of businesses and institutions.
- Catalyze the development of new digital services and business models.
- Contribute to Morocco’s digital sovereignty.
- Foster the development of an attractive ecosystem.
Therefore, our information security policy aims to ensure:
- Confidentiality, integrity, and availability.
- Compliance with contractual, regulatory, legislative, and business-related requirements.
- Periodic risk management in accordance with the requirements of sections 6.1.1, 6.1.2, 6.1.3, 8.2, and 8.3 of the ISO/IEC 27001:2013 standard.
- A process for managing all information security breaches governed by appropriate handling.
Additionally:
- Managers are responsible for implementing and complying with the security policy within their areas of operation. Information security is the responsibility of every internal and external collaborator.
- The Information Security Committee (ISC) provides advice and guidance to all parts of the organization regarding the application, compliance, and review of this security policy.
- The security policy is subject to an annual review and continuous improvement to address any potential changes to the ISMS.
Considering the identified opportunities and threats, ACS has set the following information security objectives:
- Ensure the necessary traceability and formalization for knowledge capitalization.
- Guarantee the availability of tools and infrastructure to meet minimum continuity needs.
- Ensure logging, anticipation, monitoring, and handling of cyberattack-type events.
- Intensify employee training on new Datacenter technologies.
- Receive positive feedback from interested parties regarding ACS’s information security.
The management of ACS is committed to adopting the ISO/IEC 27001:2013 standard as the governance model for information security and aligning ACS’s activities with the risk management context to which the company is exposed, while promoting the continuous improvement of the Information Security Management System.