TS EN ISO 27001: 2017 Information Security Management System's main theme is; ASELSANNET Information Technology Systems, Data Centers, Security Systems, Wireless Communication Systems, RFID Technologies, Project and Contracting Services and Traffic Automation Systems Sales, Marketing, Installation, Project Design, Technical Support, Import, Export activities; human, infrastructure, software, hardware, organization information, third party information and financial resources to ensure that information security management is provided, to ensure risk management, information security management process performance measurement and information security related issues to ensure that the relationship with third parties. .
Accordingly, the purpose of our ISMS Policy;
- Managing information assets, identifying security values, needs and process risks of assets, developing and implementing controls for security risks.
- Define the framework within which information assets, values, security needs, vulnerabilities, threats to assets, and methods for determining the frequency of threats.
- Define a framework for assessing the impact of threats to privacy, integrity, and accessibility on assets.
- To set out the working principles for the processing of risks.
- Continuously monitoring risks by reviewing technological expectations in the context of the scope covered.
- To ensure information security requirements arising from national or international regulations, legal and related legislation requirements, contractual obligations and corporate responsibilities to internal and external stakeholders.
- To reduce the impact of information security threats to service continuity and to contribute to continuity.
- To have the competence to rapidly intervene and minimize the impact of information security incidents that may occur.
- Maintain and improve the level of information security over time with a cost-effective control infrastructure.
- To improve the reputation of the organization, to protect against negative effects based on information security.