Suppliers

Supplier Approval

At Izertis, the selection and approval of our technology partners is a key element in ensuring the highest quality in the services we provide to our clients.

To this end, we apply a set of criteria defined within our supplier approval and reapproval processes. These include aspects such as capabilities, supplier type, turnover volume, payment terms, the history of the relationship with the company (including non-conformities recorded over the past year), and their commitment to quality, the environment and information security, as evidenced by the relevant certifications.

Likewise, in line with the growing importance of sustainability within our organisation, we have incorporated specific criteria into our supplier evaluation and approval processes, with the aim of promoting environmentally, socially and governance-responsible practices (ESG) throughout the entire supply chain.

Within the framework of the Environmental Management System based on the ISO 14001 standard, Izertis establishes specific criteria for the evaluation and selection of suppliers with potentially significant environmental impact. In this regard, strict compliance with applicable environmental legislation is required, as well as adherence to current regulatory requirements and other environmental commitments undertaken by the organisation, such as proper waste, emissions and discharge management, the efficient management of environmental permits and licences, and prioritising suppliers that have certified environmental management systems or equivalent practices.

Additionally, in the case of suppliers providing services that involve access to or processing of personal data, Izertis applies specific requirements regarding privacy and data protection. These include compliance with applicable regulations, the adoption of appropriate technical and organisational measures to ensure the confidentiality, integrity and availability of information, and the formalisation of relevant data processing agreements where applicable.

Similarly, for those suppliers whose services are related to information security or may have an impact on Izertis systems and assets, additional evaluation criteria are established. These include verification of their level of maturity, regulatory compliance, implemented controls, and degree of alignment with the organisation's security standards.

Finally, the company conducts a thorough annual review of its suppliers, assessing the criteria defined in their current certifications, the results of which are reflected in the corresponding supplier evaluation reports.

Useful links