Information Security Management Policy

security-management

 

TS EN ISO 27001: 2013 Information Security Management System’s main theme is; In ARNIL-NET Software Services; to demonstrate that information security management is provided within human, infrastructure, software, hardware, customer information, organization information, third party information and financial resources, to ensure risk management, to measure the process performance of information security management, and to ensure that information security to ensure the regulation of relations.

In this respect, the purpose of our ISMP Policy;

Accordingly, the purpose of our ISMS Policy;

· To protect ARNIL-NET information assets against any threat that may occur intentionally or unintentionally from inside or outside, to ensure access to information through business processes as required, to meet the requirements of legal regulations, to carry out studies for continuous improvement,

· To ensure the continuity of the three basic elements of the Information Security Management System in all activities carried out.
Confidentiality: Preventing unauthorized access to important information,
Integrity: Demonstration of the accuracy and integrity of information,
Accessibility: Demonstrating the accessibility of information to the authorized persons when necessary,

· Not only data held electronically; to take care of the security of all data in written, printed, oral and similar media.
· To raise awareness by giving Information Security Management trainings to all personnel.
To report to the ISMS Team all the gaps in the Information Security that exist or raise suspicion and to have the ISMS Team investigate it.

· Preparing, maintaining and testing business continuity plans.
· Periodically assessing Information Security to identify existing risks. As a result of the evaluations, to review and follow the action plans.
· To prevent any conflicts and conflicts of interest that may arise from the contracts.
· To meet business requirements for information accessibility and information systems.