We guarantee that all our activities falling within the scope of ensuring information security in the operation of all infrastructure and superstructure are conducted in accordance with the ISO/IEC 27001:2022 standard.

Our Information Security Management System (ISMS) Policy entails the following commitments:

• Managing the Information Security Management System in compliance with the TS/ISO/IEC 27001:2022 standard,
• Safeguarding our information assets by controlling their storage, transmission, modification, access, and processing activities in line with industry best practices, and by ensuring the implementation of in-process controls through the principle of segregation of duties,
• Preserving the availability, integrity, and confidentiality of information,
• Implementing physical security controls for assets stored in secure areas,
• Assessing and managing risks that may affect information assets,
• Protecting the credibility and reputation of our organization,
• Enforcing appropriate sanctions in the event of information security breaches,
• Establishing the necessary administrative structure, resources, and infrastructure to ensure prompt reporting of any information security violations and the timely implementation of corrective actions,
• Fulfilling the requirements of applicable national and international regulations, legal and contractual obligations, and the information security expectations stemming from our corporate responsibilities towards internal and external stakeholders,
• Reducing the impact of information security threats on business/service continuity and ensuring the continuity and sustainability of operations,
• Conducting internal audits to ensure compliance with and continual improvement of the Information Security Management System, and considering audit results in management review meetings,
• Communicating this policy to all employees, and providing the necessary resources and training to ensure its effective implementation,
• Continuously working to raise awareness on information security among all our stakeholders,
• Committing to maintaining and enhancing the level of information security through the established control infrastructure.