Our objective is to protect information against a wide range of threats to ensure business continuity in accordance with ISO/IEC 27001, to reduce business losses to a minimum level, to increase the yield of investments and business opportunities.
This policy will be a framework that will include information security objectives and set the objectives.
With the establishment and implementation of the ISMS system in our company, it is aimed to increase our current business potential and our customers and to adapt easily to competition conditions becoming fiercer day after day. In parallel with our company purpose of incorporation, our strategies and the protection of information, a solid infrastructure will be formed for the continuity of our customers' trust.
Our employees' compliance with all the policy, rules and regulations is essential. In this regard, the rules that you need to follow as the Management are defined in policies. Disciplinary rules will apply if they are not observed.
There is a risk of losing our customers if the continuity of the ISMS system is not ensured. All kinds of support will be given by the Management in order to reach our targets and to ensure the continuity of the ISMS system. It will be ensured that the applicable requirements for information security are met. In this direction;
• The use of the most basic mechanisms of information security and the risks assumed by those who use, manipulate, and manage information are identified and defined.
• With the contribution of each unit of the organization and the senior management, an environment was established to monitor, direct and confirm the security of information.
• Our information infrastructure has been created in a way that should be protected, shared with trading partners, and not desired to be obtained by our competitors.
• A platform that will not allow any security gaps arising from the facts that information technologies become a parts of our lives more, they are used for more people, they can be generated and developed rapidly has been established and supported for the future.
• With the actualization of the information system, it is aimed to eliminate problems such as deliberate and undeliberate mistakes which have important consequences, unauthorized accesses, unauthorized destruction of information, unauthorized alteration and displaying.
• In order to ensure the continuity of our Information Security Management System, it is aimed to give our employees ISMS and awareness training a least once a year. The training activity is followed up periodically.
• In order to increase our suppliers' awareness in this regard, planning is being carried out in order to question the ISMS infrastructure in our supplier inspections.
This policy will be carried out in integration with other Company Policies. Continuous improvement of the information security management system has been committed.
The Management Representative of ISMS has been designated with the aim of ensuring the sustainability of the ISMS, ensuring the realization and control of the activities, establishing and effective management of the organization necessary for the survival of the policies and Mrs. CANAN MERTOĞLU has been authorized for this.
Halil İbrahim HERGÜNER
Date: 24.06.2019 Rev:07