The purpose of the Information Security Policy is to define the information security management framework and basic information security goals and principles, as well as emphasize the support provided by the management to the information security management system.
The Information Security Policy aims to protect the physical and electronic information assets that affect global operations of the company to ensure employees act in accordance with the company’s security requirements, increase their consciousness and awareness in a way that enables the basic and supporting business operations of the company to be maintained with minimum interruption, protect company reliability and prestige, and maintain compliance with agreements signed with third parties. Goals determined by the management are regularly monitored and reviewed during Managerial Review meetings.
This policy covers all the information assets within Apps Medya Teknoloji A.S, followed by employees at all locations, as well as internal and external suppliers/contractors.
Company employees are responsible for:
- Completing the Information Security training assigned to them,
- Conducting their work in line with Information Security targets, policies, and the Information Security Management System documents,
- Paying attention to and reporting any observed or suspected Information Security Breaches,
- Ensuring that a Confidentiality Agreement is signed before any data is shared with third parties; additionally, signing service agreements regarding any work conducted with them, and meeting the Information Security requirements.
Third-party employees and companies are responsible for:
- Processing, storing, anonymizing, and disposing of the data in line with this policy and the procedures and instructions within the scope of this policy,
- Adhering to confidentiality agreements,
- The content of the signed agreements,
- Current laws and regulations,
At Apps Medya Teknoloji A.S., we promise to carry out the following activities to protect, update, and ensure the accessibility of the information assets belonging to us and our shareholders by:
- Securing any information necessary for our activities,
- Meeting the information security obligations resulting from national and international regulations and the legal requirements that we are subject to,
- Contributing and continuously improving the information security of all employees by increasing their competences,
- Raising employee and third-party awareness of information security to protect their and their shareholders’ information,
- Creating business continuity plans and taking the necessary measures against evolving information security threats by conducting risk analyses,
- Providing the necessary support and resources to ensure information security.