FİGES, within the framework of the legal legislation to which it is subject, keeps the identified risks of all relevant information assets, especially the information of our customers and employees, under control, and ensures their confidentiality, integrity and accessibility. In this direction, our aim is to continuously improve and develop the expectations of the related parties (law, legislation, bilateral agreements, etc.) with the participation of our employees, based on TS ISO / IEC 27001 Information Security Management Systems Requirements.
Those who use our company’s IT infrastructure and access information resources:
- They ensure the confidentiality, integrity and accessibility of FİGES information and information systems.
- They identify risks to information assets and take information security measures determined according to risk levels.
- They report information security violation incidents to the relevant unit and take measures to prevent these violations.
- They do not transmit their internal information sources to third parties without authorization.
- They do not use the company’s IT resources for activities contrary to the laws and related regulations.
- They protect the confidentiality, integrity and availability of information belonging to customers, business partners, suppliers or other third parties.
- Participates in trainings that will develop technical and behavioral competencies in order to increase information security awareness.
Evaluates continuous improvement opportunities and performs its activities in order to keep the Information Security Management System alive.All employees support Information Security Policy and principles and comply with Information Security Management System (ISMS) policies, processes and regulations. Information Security Policy violations detected as a result of surveillance, audit or denunciation may result in sanctions such as termination of employment and initiation of judicial and criminal legal proceedings.
