The purpose of the Information Security Policy is to protect information assets, to ensure the confidentiality of information and data, to protect against access by unauthorized persons who will try to disrupt its integrity, and thus to eliminate situations that would undermine the trust and reputation of our Ministry.
All controls in the TSE ISO/IEC 27001 Applicability Statement are applicable by Çelik Elektrik and have their equivalents.
Çelik Elektrik, in line with ISO 27001:2013 Information Security Management System;
» To protect the availability, integrity and confidentiality of information,
» To provide trainings to develop competencies in order to increase awareness of information security,
» To meet the information security requirement arising from corporate responsibilities towards stakeholders in the domestic and foreign markets,
» To plan, implement, control, update and improve ISMS by determining information security targets and activities,
» To determine the roles and responsibilities within the scope of the policy and to provide the necessary resources,
» Patching the business plan, complying and supervising the process,
» To ensure the confidentiality of personal data and information,
» Checking devices such as computers and lights after working hours in case the offices are left open,
» The legal requirements of the legislation and the provisions in the contracts with third parties are constantly monitored,
» Identification and systematic management of risks related to information and information processing opportunities,
» To create a dynamic structure in order to adapt to the development and change in the field of information technologies,
» Implementing technical security controls,
» It is committed to ensuring that the basic and supporting business activities of the institution continue with minimum interruption.
Çelik Elektrik İnş. San. ve Tic. A.Ş.
Board of Directors