ISMS Policy

RSM Uruguay has defined its ISMS Policy as follows:

Management and employees of RSM Uruguay are committed to maintaining the confidentiality, integrity and availability of physical and electronic information assets managed by RSM Uruguay, to preserve consistency with its objectives and reduce risks to information to acceptable levels.

 In order to comply with these commitments, RSM Uruguay has established, maintains and continuously improves an Information Security Management System (ISMS) in accordance with the ISO/IEC 27001:2022 standard.

 RSM Uruguay has adopted Information Security objectives and performance parameters that reflect the effectiveness of the ISMS. RSM Uruguay has also established Information Security performance objectives and parameters that are appropriate for the services provided to its clients. The security objectives and performance parameters of RSM Uruguay will be monitored to demonstrate the continuous improvement of the ISMS. Control objectives are designed to be supported by specific policies and procedures and documented where appropriate.

 All RSM Uruguay employees, as well as external service providers, are expected to comply with the ISMS. Any serious non-compliance after the adoption of the ISMS will be considered a violation, which will lead to the adoption of appropriate measures.

The Information Security and Cybersecurity Committee and senior management of RSM Uruguay are committed to promoting compliance with the ISMS. 

This policy will be reviewed at least once a year.

Access the policy here.

For more information about RSM Uruguay's policies, please contact [email protected].