ISO27001 Information Security Policy
Information security is possible by ensuring the confidentiality, integrity and accessibility of information assets.
information;
- Confidentiality requirement means that the information is accessible only to authorized persons,
- Integrity requirement, ensuring completeness and accuracy of information assets, protection from unauthorized changes,
- Accessibility requirement means that information assets are available to authorized users when needed.
In order to ensure information security, it establishes its own corporate functioning principles. Determining the Information Security Policy, defining the security roles and making all relevant updates are carried out with the support of the Head of Information Technologies Department and coordination of all its sub-units. It may seek the opinion of internal and external experts when necessary.
Information assets are appropriately classified. The assets are valued and the value of the assets is calculated to develop the appropriate level of control.