Information Security Policy

Information Security Management System

Aiming to fulfill and commit to the following fundamental principles necessary for ensuring the confidentiality, integrity, and accessibility of information assets, as well as their protection, continuity, and sustainability, through an Information Security Management System established for a sustainable future, preferred in the global composite industry with innovative holistic products and services:

  • Ensuring compliance with Information Security Management System standard terms and requirements for providing necessary participation and support,
  • Ensuring compliance with the laws, regulations, directives, customer contracts, and legal requirements determined by the job, in Turkey,
  • Securing the confidentiality of personal, corporate, or Third-Party (produced and/or used) information in all cases,
  • Ensuring that information is accessible only to authorized personnel in accordance with the “need-to-know” principle,
  • Preventing unauthorized use, alteration, disclosure, and damage of all information assets,
  • Providing necessary support and contribution to activities related to assessing the risks on information assets, reducing identified risks to acceptable levels,
  • Ensuring necessary support for planning awareness programs that will increase information security awareness among employees and contribute to the functioning of the system, regularly provided to employees and supplier employees when relevant,
  • Providing necessary support for efforts to detect, report, close, and prevent the recurrence of all actual or suspected breaches of information security incidents,
  • Ensuring necessary support and contribution for maintaining business continuity and ensuring continuous access to information at planned levels,
  • Providing necessary resources for the implementation, maintenance, and continuous improvement of the Information Security Management System,
  • ISO 27001 Information Security Management System will be integrated into our company’s business processes to consider information security requirements at every stage.

Uğur Üstünel – CEO