- Necessary participation and support will be provided to ensure compliance with Information Security Management System standard conditions and requirements.
- We will work in compliance with the requirements determined by the laws of the Republic of Turkey, regulations, circulars, customer contracts and the legal legislation required by the business.
- Confidentiality of personal, corporate or Third Party (produced and/or used) information will be guaranteed in all cases.
- In accordance with the “need to know” principle, it will be ensured that information is accessible only to authorized persons.
- Unauthorized use, modification, disclosure, and damage to all information assets, knowingly or unknowingly, will be prevented.
- The risks on information assets will be evaluated and the risks identified will be reduced to acceptable levels.
- Training and awareness programs will be created to increase the information security awareness of the employees and to encourage them to contribute to the operation of the system.
- If necessary, awareness programs will be created to increase information security awareness for supplier employees.
- Necessary support will be provided for the studies to be carried out to detect, report, close and prevent recurrence of all real or suspected violations of information security incidents.
- By ensuring business continuity, necessary support and contribution will be provided to ensure continuous access to information at the planned levels.
- Necessary resources will be provided for the implementation, maintenance, and continuous improvement of the Information Security Management System.