Teknosa Information Security Policy
Teknosa aims to ensure the security of information and the data it comprises, to operate security measures actively and effectively within a continuous and sustainable governance framework, and to establish a sustainable security system. This is carried out in compliance with the international standard ISO 27001 Information Security Management System
Teknosa, in the process from the establishment to the ensuring of continuous improvement of the Information Security Management System, aims to ensure the confidentiality, integrity, and availability of data and information;
- Ensuring the alignment of policies with current technological developments/requirements to make sure that Information Security Policies are applied throughout all processes.
- Fulfilling all legal and contractual requirements necessary to meet the applicable conditions related to information security
- To treat information security as an essential element in its internal processes and all platforms provided to its customers.
- To apply confidentiality policies in all processes directly or indirectly related to information security.
- To effectively implement acceptable use policies to ensure the secure use of all information assets used within the scope of its processes and services.
- To ensure the protection of access to information across all platforms, it implements appropriate access and authorization rules.
- To ensure compliance with security policies in office, store, and warehouse areas to ensure the physical environment security.
- To ensure that access to stored and archived information is controlled.
- Ensuring secure access to information technology systems and maintaining the continuity of access to these systems.
- To implement and enforce clean desk and clean screen policies in order to effectively ensure information security in secure work areas and business processes.
- To deploy and manage the necessary information technology systems to prevent malicious software and harmful campaigns.
- To monitor potential security incidents and breaches and ensure that necessary actions are taken in a timely manner.
- To position network and system security in accordance with the requirements of international standards.
- To position software development activities in accordance with the requirements of internationally recognized methods and standards.
- To treat information security as an essential element in business relationships with suppliers.
- It is committed to fulfilling business continuity requirements to ensure both information security and business continuity. To ensure that all information security requirements are met accurately and completely;
- Conducting security tests and audits as part of the independent assessment of information security.
- Periodically evaluating and addressing risks on an ongoing basis.
- Carrying out corrective and preventive actions to promptly and effectively address the deficiencies identified through audits.
- Periodically measuring key performance indicators to evaluate the performance of the information security management system.
- Supporting continuous development and training activities to improve the competence and awareness of key personnel who will impact the performance of the information security management system.
- Efforts are being made to establish and monitor information security objectives that cover all corporate processes, prioritizing customers and employees.
CORPORATE GOVERNANCE
- Compliance Reports
- Human Resource Policy
- Disclosure Policy
- Dividend Policy
- Remuneration Policy
- Social Responsibility Policy
- Donation and Aid Policy
- Anti Bribery and Anti Corruption Policy
- Code of Business Ethics
- Sustainable Supply Chain Policy
- Human Rights Policy
- Board Committees
- Supplier Code of Conduct
- Integrated Management Systems Policy
- Information Security Policy
