INFORMATION SECURITY MANAGEMENT SYSTEM POLICY
Information Security Management System Policy aims to provide business continuity and decrease the risks at minimum.
Policy’s target is to protect Birlik A.S.’s information entities against all internal, external, intentional and unintentional threats during processes.
Security Policy guarantees the followings;
- Information integrity is going to be saved.
- Information confidentiality is going to be provided and protected against unauthorized access.
- Information accessibility is going to be provided.
- Rules of legal requirements and agreements done with business partners, customers and suppliers, are going to be followed and applied.
- Business continuity plans are going to be valid, tested and operational.
- Information Security trainings are going to be given to all workers.
Procedures are to be prepared in accordance with the policy.
Responsibilities of Information Security Executive are;
- To support the application of the policy,
- To research and take precautions for report ed real or suspicious information security violation.
Management is responsible for policy application and educating the employees.
It is obligatory for everyone who is in contact with Birlik A.S to understand Information Security Policy.
ISO/IEC 27001:2013 Information Security Policy is approved by General Manager of Birlik A.S.