Information Security Policy
TO ENSURE THE CONTINUOUS DEVELOPMENT OF OUR INFORMATION SECURITY MANAGEMENT SYSTEM WITHIN OUR ORGANIZATION:
IDENTIFYING INFORMATION ASSETS: Considering issues such as the cost of replacing the asset, the confidentiality of the information, the impact on the image, the damage it will cause in terms of legal and legal obligations,
THREAT PROBABILITY: Considering the multitude of vulnerabilities and how much the existing controls can cover these vulnerabilities, attacker motivation, the appeal of information for competitors, gaps in access controls and dangers related to the integrity of information,
DETERMINING AND EVALUATING RISKS RELATED TO THE CONFIDENTIALITY, INTEGRITY, AND ACCESS OF INFORMATION,
IMPLEMENTING NECESSARY CONTROLS FOR ALL ASSETS ABOVE THE ACCEPTABLE LEVEL,
MEASURING THE PERFORMANCE OF INFORMATION SECURITY PROCESSES,
PRODUCING TARGETS FROM THESE DATA,
REDUCING OUR WEAKNESSES AND THREATS WITH INFRASTRUCTURE, WORK ENVIRONMENT, HARDWARE, SOFTWARE, AND TRAINING INVESTMENTS,
MEETING THE SECURITY REQUIREMENTS REQUIRED BY OUR BUSINESS, OUR CUSTOMERS, AND LEGAL CONDITIONS,
Policies are reviewed at management review meetings and revised as necessary in line with the set targets.
When determining policies in Information Security; Confidentiality, Integrity, and Accessibility are considered while processing, transmitting, and preserving information.