Information Security Policy
At Açęk Kart Bilgi Teknolojileri, the goal of the Information Security Management System (ISMS) is to ensure business continuity and to reduce business losses to the lowest possible level by preventing or minimizing the effects of security breaches related to information security.
From this point of view, it is aimed to ensure risk management, measure information security management process performance and regulate relations with third parties on information security-related issues.
In this regard, our aim is:
- To protect our Company's information assets against all kinds of threats that may occur from inside or outside, knowingly or unknowingly, to ensure accessibility of information as required through business processes, to meet legal regulatory requirements;
- To identify and evaluate the risks related to information security and to implement the necessary controls for all assets above the acceptable level, while ensuring the continuity of the three basic elements of the Information Security Management System (confidentiality, integrity and accessibility) in all activities carried out;
- To protect and improve the information security level of not only the data kept in electronic media, but also all data in written, printed, verbal, and similar media, with the established control infrastructure;
- To raise awareness by providing Information Security Management training to all personnel;
- To report all existing or suspicious vulnerabilities in information security to the ISMS Team and ensure that they are investigated by the ISMS Team;
- To prepare, maintain and carry out business continuity plans;
- To meet business requirements for information accessibility and information systems;
- To identify current risks by making periodic evaluations on information security; To review and follow up action plans as a result of evaluations;
- To ensure the information security requirements arising from the national, international, or sectoral regulations we are subject to in the Nanofiber Sector in which we serve, to fulfill the legal and relevant regulatory requirements, to meet our obligations arising from agreements, and our corporate responsibilities towards internal and external stakeholders;
- To prevent any disputes and conflicts of interest that may arise from contracts; and
- To provide support to all ISMS processes as the senior management.