It aims to ensure the security of information about all activities that are available and will be created under the Authorized Liability Status, provide business continuity with minimum interruption, provide the confidentiality of all information belonging to the company and third parties which is required to be protected and protect all physical and electronic information used in the continuity of business processes and services in accordance with the criteria of Confidentiality, Integrity and Accessibility.
All employees, suppliers, business partners and all other third parties who access and use information assets of Beyçelik Gestamp must fulfill the followings:
· They should comply with the Information Security, Policy, Procedures and Instructions,
· They should inform the responsible units about security and incident violations,
· They should provide the confidentiality of the information belonging to the company and backup the information processed, They should communicate suggestions and developments deemed appropriate by themselves for the development of the system.
Beyçelik Gestamp management; declares that it will prove its commitment to the establishment, realization, operation, tracking, monitoring, maintenance and continuous improvement of the Information Security Management System (ISMS) in accordance with the TS ISO/IEC 27001 Standard by realizing the following issues:
· Determining the objectives of ISMS and making the necessary plan for realizing these objectives.
· By analyzing the risks on Assets and Processes, ensuring risk management within the framework of revealing the risk assessments and risk criteria based on the results of the analyzes.
· Defining the importance of meeting information security objectives and compliance with information security policies, the responsibilities for legal and contractual obligations and the need for continuous improvement.
· Providing adequate resources (financial, human resources, equipment, software, consultancy, training, etc.) to establish, realize, operate, monitor, supervise, maintain and constantly improve the ISMS.
Organizing and managing the necessary actions to determine the criteria for accepting risks and acceptable levels of risk.
Information Security Management System Certificate