Skip to main content
Submit RFP

      In this policy, "KPMG" refers to KPMG & Associados – Sociedade de Revisores Oficiais de Contas S.A. or to KPMG Advisory – Consultores de Gestão, S.A.

      Depending on the context, there may also be references to KPMG International Limited ("KPMG International"), an English company, and/or to any one or more member firms of the KPMG network, comprising independent firms affiliated with KPMG International. KPMG International provides no services to clients.
      KPMG regards information as an essential asset for conducting its business operations. It therefore takes responsibility for protecting it and is committed to safeguarding information and associated assets by respecting the core values of information security – Confidentiality, Integrity and Availability.
      This Information Security Policy applies to KPMG in Portugal as a whole and expresses the Executive Board’s commitment to complying with and enforcing the information security standards and procedures.
      KPMG has established and implemented, maintains and constantly improves the Information Security Management System, including the necessary processes and respective interactions, in accordance with the policy’s requirements.
      Information Security at KPMG is guided by a series of principles and aims for ensuring that the Information Security Management System is successful in its mission.
      Our commitment to Information Security is aligned with the following set of principles:

      • Confidentiality – We ensure that only authorised persons have access to the information and to the associated assets.
      • Integrity – We safeguard the accuracy and completeness of the information stored and processed.
      • Availability – We keep operating systems available, minimising downtime and ensuring reliable access to information when required.
      • Traceability – We ensure that any changes or events associated with information assets or their authors are duly recorded.
      • Non-repudiation – We ensure the traceability of user actions in information assets, so that we can at any time guarantee authenticity and user accountability in relation to those actions.
      • Authenticity – We verify the identity of users and the origin of the information, ensuring it is genuine and reliable.

      Get in touch with us