Aim
The purpose of the Information Security Policy is to prevent information security incidents or to minimize the risk of damage in order to ensure the business continuity of 3N AYDINLATMA and its affiliated group companies and to reduce the impact of possible threats.
In this context, it is aimed to ensure compliance with the KVKK standard by establishing an Information Security Management System.
Binoculars
This policy covers the information assets within 3N Lighting. It is implemented by employees in all locations, on-site and off-site suppliers/contractors.
Responsibility
The Information Security Board of Directors is responsible for keeping the risks to company information assets at an acceptable level approved by the senior management within the scope.
Policy
• The purpose of the policy is to protect the company's information assets against internal and external intentional or unintentional threats.
• 3N Lighting Management has approved this policy.
• The Information Security Policy ensures all the following requirements:
o Defining processes and information assets and carrying out risk assessments related to them methodologically
o Protection of information against unauthorized access
o Ensuring the confidentiality of information
o Protecting the integrity of information
o Access to information whenever business processes need it
o Fulfillment of legal obligations arising from legal obligations and contracts
o Developing and improving business continuity plans
o Providing Information Security trainings to all employees
o Ensuring that all Information Security violations or suspected violations are reported to the Information Security Board of Directors and reviewed
• Procedures and related instructions have been defined to support this policy.
• Information Security is provided by considering business needs.
• The Information Security Board ensures that this policy and all related documents are developed, documented and continuously improved in the Information Management System.
• All management staff are responsible for the compliance of the units they manage with this policy and related procedures.
• Compliance with the Information Security Policy is mandatory for all employees.