Purpose
The purpose of this Information Security Policy is to establish the information security management framework together with the basic information security goals and principles that govern it. It also affirms the support that management provides to the information security management system.
This policy is intended to protect the physical and electronic information assets that affect the global operations of the company. Its aims are to ensure that employees act in accordance with the company's security requirements, to raise their consciousness and awareness so that the company's core and supporting business operations can continue with minimum interruption, to safeguard the company's reliability and prestige, and to maintain compliance with the agreements the company has signed with third parties. The goals set by management are monitored and reviewed on a regular basis during Managerial Review meetings.
Scope
This policy covers all information assets within Apps Medya Teknoloji A.S. It applies to employees at all locations, as well as to internal and external suppliers and contractors.
Responsibilities of Company Employees
Company employees are responsible for:
- Completing the Information Security training assigned to them.
- Carrying out their work in line with Information Security targets and policies and with the documents that make up the Information Security Management System.
- Remaining alert to, and reporting, any observed or suspected Information Security breaches.
- Ensuring that a Confidentiality Agreement is signed before any data is shared with third parties, signing service agreements covering any work conducted with those third parties, and meeting the applicable Information Security requirements.
Responsibilities of Third Parties
Third-party employees and companies are responsible for:
- Processing, storing, anonymizing, and disposing of data in line with this policy and with the procedures and instructions that fall within its scope.
- Adhering to confidentiality agreements.
- The content of the agreements they have signed.
- Compliance with the laws and regulations currently in force.
Management Commitments
At Apps Medya Teknoloji A.S., we undertake to carry out the following activities in order to protect, update, and ensure the accessibility of the information assets belonging to us and to our shareholders:
- Securing any information required for our activities.
- Meeting the information security obligations arising from the national and international regulations and legal requirements to which we are subject.
- Contributing to, and continuously improving, the information security of all employees by strengthening their competences.
- Raising the information security awareness of employees and third parties so that their information and that of their shareholders is protected.
- Creating business continuity plans and taking the measures needed against evolving information security threats by conducting risk analyses.
- Providing the support and resources necessary to ensure information security.