Description

Wolkvox maintains a Legal Matrix as an integral part of its Information Security Management System (ISMS), designed to identify, document, and track all applicable legal requirements related to data protection and information security. This matrix is not static; it is periodically reviewed and updated to incorporate new regulations, legislative amendments, or guidelines issued by authorities and regulatory bodies. The goal is to ensure that the company complies with current legal obligations at all times, minimizing risks and guaranteeing compliance in its operations.

Features

Legal Matrix Update Process

• Continuous Monitoring: A dedicated team monitors publications from local, national, and international authorities (such as Colombia’s Superintendence of Industry and Commerce, the EU with GDPR, or standards like ISO 27001 and PCI DSS).
• Periodic Review: The matrix is updated at least every six months, or immediately when a new relevant regulation for the sector or Wolkvox’s operations is enacted.
• Official Sources: Updates are based on official bulletins, regulatory communications, and specialized legal advice.

Integration with the ISMS

• Impact Assessment: Each new regulation is analyzed to determine its applicability and the necessary changes to policies, procedures, or internal controls.
• Responsibility Assignment: Responsible parties are designated to implement required actions, with clear deadlines for compliance.
• Documentation and Evidence: All updates are recorded, including the application date, scope, and measures adopted, to facilitate internal and external audits.