Information Security Policy

Information Security Policy

In order to achieve highest level information security in all of our areas of activity and ensure continuous development of information security management system;

 

 

IMPACT ON BUSINESS: After taking into account cost of asset replacement, confidentiality of information, its impact on our image and losses to be incurred in terms of legal obligations,

POTENTIAL THREATS: After addressing the weaknesses and the extent of resolving these weaknesses through existing control mechanisms, motivation for a cyber-attack, attractiveness of the information for the competitors, gaps in access controls and dangers threatening the integrity of information,   

 

WE HEREBY UNDERTAKE THAT:

 

WE WILL DETERMINE AND EVALUATE THE RISKS ARISING FROM CONFIDENTIALITY OF THE INFORMATION (accessibility of information only by authorized persons), INTEGRITY OF THE INFORMATION (protection against and becoming aware of authorized alterations) AND ACCESS OF THE INFORMATION (informing being usable when needed by authorized persons),

 

WE WILL PERFORM NECESSARY CONTROLS FOR ALL ASSETS THAT ARE THREATENED AT AN UNACCEPTABLE LEVEL, 

 

WE WILL MEASURE THE PERFORMANCE OF INFORMATION SECURITY PROCESSES AND DEVELOP NEW TARGETS BASED ON THAT DATA,

 

WE WILL MINIMIZE OUR WEAKNESSES AND THREATS BY MAKING INVESTMENTS TO THE INFRASTRUCTURE, WORK ENVIRONMENT, HARDWARE, SOFTWARE AND TRAININGS,

 

WE WILL MEET THE SECURITY REQUIREMENTS OF OUR BUSINESS, OUR CUSTOMERS AND OTHER STAKEHOLDERS AND MEET THE LEGAL CONDITIONS IN CONNECTION WITH INFORMATION SECURITY.