FIVECOMM, dedicated to:

“Development of projects and applications using 5G technology”

has decided to implement an Information Security Management System based on the ISO 27001 standard with the aim of preserving the confidentiality, integrity, and availability of information, and protecting it from a wide range of threats. This Management System is intended to ensure business continuity, minimize damage, maximize return on investments and business opportunities, and enable continuous improvement.

The management of FIVECOMM is aware that information is a valuable asset for the organization and therefore requires adequate protection.

FIVECOMM management establishes as basic objectives, starting point and support for the objectives and principles of information security the following:

• Protection of personal data and individual privacy

• Safeguarding organizational records

• Protection of intellectual property rights

• Documentation of the information security policy

• Assignment of security responsibilities

• Training and education in information security

• Logging of security incidents

• Business continuity management

• Management of changes within FIVECOMM related to security

Through the development and implementation of this Information Security Management System, FIVECOMM management commits to:

• Develop products and services in compliance with legal requirements, identifying applicable legislation for the business lines covered by the Information Security Management System.

• Establish and fulfill contractual requirements with interested parties.

• Define security training requirements and provide necessary training in the matter to relevant parties through training plans.

• Prevent and detect viruses and other malicious software by developing specific policies and establishing contractual agreements with specialized organizations.

• Manage business continuity by developing continuity plans in accordance with internationally recognized methodologies.

• Define the consequences of violations of the security policy, which will be reflected in contracts with interested parties, suppliers, and subcontractors.

• Always act with the utmost professional ethics.

This Policy provides the framework for the continuous improvement of the Information Security Management System and for setting and reviewing the objectives of the Information Security Management System. It is communicated throughout the organization via the document management system and through display panels, and it is reviewed annually for suitability, and extraordinarily when special circumstances and/or significant changes occur in the Information Security Management System. It is also available to the general public.

CEO

Valencia, December 16, 2024