INFORMATION SECURITY MANAGEMENT SYSTEM POLICY
TS EN ISO 27001:2022 Main theme of Information Security Management System; in Acıbadem Technology Inc. is; to show that information security management is ensured for information belonging to human, infrastructure, software, hardware, client, institution and information belonging to third parties and financial sources; and to assure risk management and to measure information security management process performance and to ensure the arrangement of relations with third parties on the subjects about information security.
Accordingly, the purpose of Information Security Management System Policy is;
To protect Acıbadem Technology information technology portfolio against all kind of threat knowingly or unknowingly, to provide the accessibility of information in accordance with work process, to meet legal legislation necessity,
-
To ensure the continuity of three main elements of Information Security Management System in all continuing operations.
Confidentiality: To prevent unauthorized access to important information,
Integrity: To show the accuracy and integrity of information,
Accessibility: To show the accessibility of information of authorized people,
Taking care of security of all data not only stored in electronic environment, but also available in written, pressed, verbal or similar environments.
To give the education of Information Security Management to all staff and to raise awareness.
To report all vulnerabilities in information security, which are really present or raise doubts, to Information Security Management System team and to ensure the investigation by Information Security Management System coordinator.
To prepare business continuity plans, to continue and to test.
To identify risks by performing periodic evaluations about information security. As a result of evaluations, to review and to follow up action plans.
To prevent all kind of conflict and conflict of interest.
To meet the requirements for accessibility of information and information systems.