Information Security Policy
Our Company aims at, with the awareness that information assets are very important for business processes and functions;
- Ensuring the confidentiality, integrity, accessibility, continuity, and control of information assets,
- Limiting exposure to risks arising from the loss, degradation or abuse of information assets, ensuring compliance with laws and regulations,
- Protection of information assets against any and all internal or external threats that may arise intentionally or unintentionally
Our Information Security Policy covers all domestic-international personnel of the Company who utilize the Company's information or business systems and third-party service providers and their support staff, who are not Company's personnel but have access to Çimsa's information as per their contractual relationships with Çimsa.
All parties who utilize our Company's information processing infrastructure and have access to information sources:
- Provide the confidentiality, integrity and accessibility of the company's information in personal and electronic communications.
- Take security measures determined as based on their risk levels.
- Report information security violation cases to the Information Security Case Manager and take measures to prevent these violations.
- Do not transmit internal information sources (announcements, documents, etc.) to third parties without authorization.
- Do not use the Company's information sources for activities that are contrary to the law and the related regulations.
- Protect the confidentiality, integrity and accessibility of information belonging to customers, business partners, suppliers or other third parties.
Our Company Management ensures that all our employees receive awareness trainings on Information Security issues in line with our Information Security Policy and ensure compliance with the policy.
All employees support Information Security Policy and its principles and adhere to the policies, procedures and regulations of the Information Security Management System (ISMS) referring to this policy.
Our Information Security Policy complies with Sabancı Holding Code of Business Ethics and Sabancı Holding Information Security Policy.