Information Security Policy
Establishment of task teams to conduct the ISMS.
The task teams are responsible for the operation, inspection and improvement of ISMS.
Risk assessment, control choices, implementation of controls and continuous monitoring of risks are a continuous activity for all asset owners and employees to participate in.
Management allocates the necessary resources for the operation and improvement of ISMS.
All personnel should receive the necessary information security training, for the continuity of ISMS,
ISMS Task Team will review the ISMS in 6 months with 1 periodic meetings and monitor the changing risks, the controls applied, and make decisions for the necessary corrections.
Senior Management conducts an annual YGG meeting.
In order to audit the ISMS, the internal audit team should be trained and monitored in accordance with the internal audit plan.
All sub-policies published within the scope of ISMS are prepared specifically for the subject. All employees are expected to adopt these policies as a working rule and follow the rules in the policies.