INFORMATION SECURITY MANAGEMENT SYSTEM POLICY
Information security has gained great importance in the digitalizing world.
MARTEKS ISMS main theme; To show that information security management is provided within human, infrastructure, software, hardware, organization information, information belonging to third parties and financial resources, to ensure risk management, to measure information security management process performance and to regulate relations with third parties in matters related to information security. .
In this direction, the purpose of our ISMS Policy is;
-
Managing information assets, determining the security values, needs and risks of assets, developing and implementing controls for security risks,
-
Define the framework to be determined by the methods for determining information assets, values, security needs, vulnerabilities, threats to assets, and the frequency of threats.
-
To continuously improve the Information Security Management System.
-
Defining a framework for evaluating the privacy, integrity and accessibility impacts of threats on assets. .
-
To reveal the working principles for the processing of risks.
-
To monitor the risks continuously by reviewing the technological expectations in the context of the scope of service
-
To provide information security requirements arising from national or international regulations to which it is subject, fulfilling legal and relevant legislation requirements, meeting obligations arising from agreements, and corporate responsibilities towards internal and external stakeholders.
-
To reduce the impact of information security threats to service continuity and to contribute to continuity
-
To have the competence to rapidly intervene in information security incidents that may occur and to minimize the impact of the incident.
-
To maintain and improve the level of information security over time with a cost effective control infrastructure.
-
To improve the reputation of the institution, to protect it from negative effects based on information security.
-
To ensure that all employees are informed of their individual obligations regarding this information security policy;
-
To maintain a management system that will achieve these goals and seek continuous improvement in the effectiveness and performance of our "risk" based management system.