Our company aims to protect the reliability and corporate image of our company in the activities carried out by our company, to ensure the information security of all physical and digital information assets and all other information assets used in the information infrastructure used to ensure that basic and supporting business processes continue with minimum interruption.
This document declares that the management supports the implementation and control of the Information Security Policy, and the implementation of the necessary sanctions in case of security breaches. Our company, in line with its mission and vision, undertakes the following issues in order to ensure the confidentiality, integrity and accessibility of information within the framework of the Information Security Management System (ISMS) standard: • Everyone who uses the information processing infrastructure and accesses information asset resources; in personal and electronic communication and information exchanges with third parties, to protect the confidentiality, integrity and accessibility of the company's information, to back up the information processed according to the criticality levels, to take security measures determined according to the risk levels, to report information security violation incidents, to notify the relevant units and to take precautions to prevent such violations, • Not to use IT resources for activities contrary to the laws and related legislation, • To clearly undertake to meet the applicable conditions regarding information security and to provide the necessary leadership and commitment to take all measures to ensure the continuous improvement of the Information Security Management System, • To plan, implement and control the ISMS by determining the information security targets and activities and to take/have taken all necessary measures to ensure the continuous improvement of the system, • To define how the activities carried out meet the legislation, contract, standard and business requirements, • To provide awareness, training and encouragement to ensure the participation and compliance of our employee personnel in the information security system due to the holistic approach requirement of information security, • To monitor the relevant parties and their conditions, to meet their needs and requirements • To keep customer satisfaction at the highest level • To ensure the continuous development of our employees • To control, monitor, review the efficiency of the management system with internal and external audits and to continuously adapt the system, to continuously improve it • To determine and assign the duties, roles and responsibilities and necessary resources within the scope of ISMS; To define, evaluate and implement appropriate risk processing options for current and potential risks that may affect the ability of the information security management system to achieve the targeted outputs, • To take the necessary measures to ensure that all stakeholders comply with the determined issues regarding information security, • To ensure that this policy is announced, accessible, awareness is created and implemented.It includes the unconditional satisfaction of customers, business partners and employees by expanding the quality studies and by standardizing with ISO 9001, ISO 20000, TS ISO/IEC 27001 ve TSE HYB certificates.
