Our Information Security Policy
Our Information Security Policy
- We define the authority, roles, and responsibilities for the establishment and implementation of the Information Security Management System and periodically review these authorities, roles, and responsibilities.
- We identify and classify our information assets, determine the risks that threaten them, develop and effectively implement the necessary methods to manage these risks.
- We follow relevant legislation and developments related to it, and take necessary measures to ensure its implementation and prevent possible violations.
- Recognizing that the most important factor in ensuring information security is people, we organize training to raise awareness of our employees and, when necessary, other stakeholders about information security, and monitor the results.
- In case of any adversity, we prepare business continuity plans to ensure that our operations and responsibilities to stakeholders are not interrupted, and we test these plans.
- To help ensure that our Information Security Management System operates in compliance with standards, we prepare procedures and instructions, define control points, and regularly measure, audit, and review its effectiveness in line with the philosophy of continuous improvement.