Compliance
Meet the Compliance Officers
Denmark Weatherburne
IT Risk and Event Management Officer
Ernesto Thimbrel
IT Audit and Document Management Officer
Areli Ramnarace
ISMS Assistant
Overview
Our dedicated team of Compliance Officers comprises highly skilled professionals with extensive experience in information security and risk management. Their unwavering commitment ensures that our organization not only meets but surpasses the stringent requirements of ISO/IEC 27001. Their expertise and dedication play a pivotal role in safeguarding our data, maintaining our reputation, and fostering trust among our valued clients.
Objectives
CITO’s commitment to maintaining the highest standards of information security is demonstrated through our adherence to the ISO/IEC 27001 standard. As the globally recognized benchmark for information security management, ISO/IEC 27001 provides a systematic framework for effectively managing sensitive information. By complying with this standard, we proactively address risks and safeguard our valuable data assets.
Our Compliance Team plays a crucial role in upholding our commitment to ISO/IEC 27001 standards. Below are the core objectives and responsibilities of our Compliance Officers:
- Risk Management
  - Identify, assess, and mitigate risks related to information security.
  - Implement robust risk treatment plans to address vulnerabilities and threats.
- Policy Development and Enforcement
  - Assist in developing, reviewing, and updating information security policies, procedures, and controls.
  - Ensure strict adherence to these policies across all levels of the organization.
- Incident Management
  - Monitor and respond promptly to information security incidents.
  - Conduct thorough investigations and implement corrective actions to prevent recurrence.
- Compliance Audits and Reviews
  - Regularly conduct internal audits and reviews to ensure compliance with ISO/IEC 27001 standards.
  - Prepare for and facilitate external audits by certification bodies.
- Continuous Improvement
  - Foster a culture of continuous improvement by regularly reviewing and enhancing our information security management system.
  - Stay updated with the latest security trends, threats, and best practices.
- Documentation and Reporting
  - Maintain comprehensive documentation of all information security activities, policies, and procedures.
  - Provide regular reports to senior management on the status of information security and compliance.