Information Management Security Policy
INFORMATION SECURITY MANAGEMENT SYSTEM POLICY
As HEKTAŞ TİC. T.A.Ş., in order to manage any risks related to our business continuity and information assets, we are committed to:
• Documenting, certifying, and continuously improving our Information Security Management System in compliance with the requirements of the TS ISO/IEC 27001:2022 standard,
• Providing our services continuously and in the shortest possible time to ensure compliance with all legal regulations and contractual obligations related to information security,
• Addressing changes in information security requirements through risk management and systematically managing potential risks,
• Conducting training programs to enhance technical and behavioral competencies in order to raise information security awareness,
• Protecting the confidentiality of critical data such as strategic objectives, design, production, sales, supply sources, and information of customers and employees related to our products and services,
• Granting access authorizations based on the “need-to-know” principle and preventing unauthorized access,
• Establishing appropriate physical and electronic environments for the security of information assets,
• Providing the necessary plans and technical infrastructure to ensure the continuity of our information technology services,
• Detecting violations of information security in a timely manner and intervening immediately, and managing our activities in an integrated manner with the other management systems we apply,
• Ensuring secure access to our own and our stakeholders’ information assets,
• Ensuring that employees, suppliers, and other stakeholders can securely access information assets,
• Reducing the impact of information security threats on business/service continuity, and ensuring business continuity and sustainability,
• Allocating, establishing, operating, and continuously improving resources in line with the requirements of the TS ISO/IEC 27001:2022 ISMS standard,
• Undergoing internal audits and independent third-party audits to verify that information security activities are in compliance with laws and standards, and in this context, committing to achieving the following objectives.