The main theme of TS EN ISO 27001: 2013 Information Security Management System; To show that information security management is provided in - Soder Information Technologies A.Ş. within human, infrastructure, software, hardware, customer information, organization information, third party information and financial resources, to guarantee risk management, to measure information security management process performance and to regulate the relations with third parties on information security related issues.
Accordingly, the purpose of our ISMS policy is;
Soder Information Technologies A.Ş. against any threats that may occur, inside or outside, knowingly or unintentionally to protect information assets, to ensure accessibility to information with business processes as required, to meet legal legislative requirements, to work towards continuous improvement,
To ensure the continuity of the three basic elements of the Information Security Management System in all activities carried out.
Confidentiality: Preventing unauthorized access to important information,
Integrity: Demonstrating the accuracy and integrity of the information,
Accessibility: Demonstration of information accessibility of those authorized,
Not only data kept electronically; to deal with the security of all data in written, printed, verbal and similar media.
To raise awareness by giving Information Security Management trainings to all staff.
To report all open or suspicious openings in Information Security to the ISMS Team and ensure that they are investigated by the ISMS Team.
To prepare, maintain and test business continuity plans.
To identify existing risks by periodically evaluating Information Security. As a result of the evaluations, reviewing and following up the action plans.
To prevent any conflicts and conflicts of interest that may arise from contracts.
To meet business requirements for information accessibility and information systems.
