CORPORATE POLICY FOR QUALITY MANAGEMENT AND INFORMATION SECURITY

PAT, a Zucchetti Group company, has been developing automated Customer-Centric applications and service management solutions for private companies and public institutions for over 30 years.

As part of its mission ("We invest our experience and technology in support of our customers' business processes"), PAT emphasizes its commitment to achieving excellence in the services and solutions offered to Clients. To achieve this goal, the company is constantly engaged in enhancing skills and innovation, with the aim of fully satisfying Customers and promoting the professional growth of its Employees and Resources.

PAT’s focus and commitment are therefore directed toward all aspects of corporate Quality, Information Security, and Business Continuity, recognizing them as key success factors.

PAT is fully aware of its role and responsibilities toward Clients and Employees. For this reason, the company has long pursued continuous improvement in its performance, undergoing third-party audits that have certified its operational approach, compliance with regulations, and its ability to fully meet customer requirements and expectations.

Accordingly, this Integrated Policy serves as a reliable, transparent, and effective communication tool through which PAT informs Customers, Employees, Suppliers, and Partners about its activities, performance, priorities, programs, and objectives concerning Quality, Information Security, and Business Continuity.

 

SCOPE

PAT is certified for the following standards:

  • ISO 9001 for the following activities: "Development, implementation, support, and maintenance of software application solutions for Customer Relationship Management and organizational process automation. Provision of consulting services for the range of supplied products. Delivery of software support services related to customer service, including development and implementation of advanced technologies."
  • ISO/IEC 27001, extended to ISO 27017 and ISO 27018 guidelines, for the following activities: "Design, development, and implementation of software applications with provision of professional and support services, including information system management services for Cloud solutions also in SaaS mode."

 

PRINCIPLES

PAT’s operations are guided by the following principles:

  • Meeting customer needs and expectations is the cornerstone of PAT's Vision;
  • Involvement of people as our most valuable resource, by ensuring a safe, healthy, and motivating work environment that fully values each individual's contribution;
  • Compliance with applicable laws, regulations, and contractual clauses;
  • Promoting awareness of the Quality and Information Security Management Systems (QMS and ISMS) among staff to improve efficiency and achieve desired outcomes;
  • Data security and continuity: customer data integrity, availability, and confidentiality are ensured through organizational measures and data centers certified to the highest standards;
  • Need-to-know principle: information is accessible only to authorized and relevant personnel;
  • Use of qualified suppliers to ensure high-quality services;
  • Continuous improvement: projects and management systems are constantly enhanced based on past experience and performance;
  • Sustainability: PAT is committed to contributing to sustainable development by integrating this goal into its business model;
  • Ethics and integrity: PAT commits to conducting its business in accordance with the highest ethical standards, with zero tolerance for corruption, in compliance with laws and regulations both in Italy and abroad.

 

OBJECTIVES OF THE INTEGRATED MANAGEMENT SYSTEM

PAT’s Corporate Policy within its Integrated Management System aims to:

  • Ensure full satisfaction of the needs and expectations of relevant stakeholders;
  • Constantly monitor the internal and external context in which it operates;
  • Guarantee Customers the continuous availability of people, processes, and technologies in support of services provided and in compliance with defined Service Levels (SLA);
  • Comply with applicable laws and regulations, contractual obligations, internal policies, and procedures;
  • Maintain high quality standards for its products;
  • Raise supplier awareness regarding quality, information security, and business continuity, always requiring compliance with company policies;
  • Ensure Business Continuity for critical service delivery assets and processes, minimizing business impact during crises and ensuring quick restoration of normal operations;
  • Use the best available technology to achieve corporate objectives;
  • Protect personal and business information from unauthorized access;
  • Minimize the risk of data loss, unavailability, or unlawful disclosure by planning and managing activities to ensure service continuity;
  • Secure personal and business information within cloud environments;
  • Develop and maintain an Integrated Management System as a tool to achieve objectives, meet commitments, and promote the continuous improvement of business processes;
  • Conduct risk assessments and analyze vulnerabilities and threats in order to identify and implement necessary security and corrective measures;
  • Periodically review the Policy, Objectives, targets, implementation programs, and the Management System itself, ensuring appropriate visibility within the company;
  • Carry out internal audits to ensure compliance with the Integrated Management System requirements and apply all necessary corrective actions;
  • Promote implementation, understanding, and awareness of the Integrated Management System across the organization;
  • Enhance information, training, and education efforts, involving all personnel and making them aware of their individual obligations and the importance of their actions in achieving desired results;
  • Periodically monitor the effectiveness of the Integrated Management System, including through Management Review.

 

The Management, February 17, 2025

UNI EN ISO 9001:2015

 

PAT has successfully passed the ISO 9001:2015 Quality Certification review, securing the issuance of the new certificate!

A certified company is better positioned to strengthen and expand relationships with existing clients and to acquire new ones—both nationally and internationally—thanks to an improved external image.

We’d like to highlight the importance of holding certifications, as they are often required to participate in specific tenders and public procurements. Certifications are a mark of quality, reliability, and competence.

The year-end audit, conducted by the certification body Certiquality, confirmed that the requirements set out by the standard are met, and that PAT has correctly implemented the necessary organizational and operational processes.

The renewal of this certification once again confirms our ability to maintain a high standard of service quality and to consistently and effectively meet customer expectations, while achieving significant improvements in organizational efficiency and the quality of our products and services.

The ISO certification represents an important validation for both the company and our clients. It demonstrates the use of proper professional tools and the compliance of our process management systems with the standards defined by international technical regulations.

Resources, competence, awareness, communication, and documented information are the core principles on which the certification is based.

You can view PAT’s certification here.

UNI EN ISO 27001:2022

 

PAT places strategic importance on the secure handling of information and recognizes the need to develop, maintain, monitor, and continuously improve an Information Security Management System (ISMS) in accordance with the ISO/IEC 27001:2022 standard, as well as guidelines ISO/IEC 27017 and ISO/IEC 27018.

Achieving ISO 27001 certification demonstrates that PAT has implemented an ISMS compliant with international standards, ensuring the confidentiality, integrity, and availability of data, and protecting critical information from both internal and external threats.

Obtaining ISO 27001 certification involves several key steps, including risk assessment, implementation of control measures, internal audits, and an external audit conducted by an accredited certification body.

You can view PAT’s certification issued by the certification body Certiquality here.