INFORMATION SECURITY MANAGEMENT SYSTEM POLICY
The central theme of the ISO EN ISO 27001: 2013 Information Security Management System; AQM ANALYTICS LLC; To demonstrate that information security management is provided within the human, infrastructure, software, hardware, user information, organization information, information belonging to third parties, and financial resources, to ensure risk management, to measure information security management process performance and to determine the relations with third parties on information security issues. To regulate.
In this direction, the purpose of our ISMS Policy is;
- To protect the information assets of AQM ANALYTICS LLC against all kinds of threats that may arise from inside or outside, knowingly or unintentionally, to ensure the accessibility of information with business processes, to meet the requirements of legal regulations, to work for continuous improvement,
- To ensure the continuity of three essential elements of the Information Security Management System in all activities carried out:
Confidentiality: Prevention of unauthorized access to critical information,
Integrity: Showing the accuracy and integrity of the information,
Accessibility: Demonstration of those who are authorized to access information when necessary,
- Not only data kept electronically; To deal with the security of all data is written, printed, verbal and similar media.
- To raise awareness by giving Information Security Management training to all personnel,
- To report all existing or suspicious gaps in Information Security to the ISMS Team and to ensure that the ISMS Team investigates them,
- To prepare, maintain and test business continuity plans,
- To determine existing risks by making periodic evaluations on Information Security; As a result of the assessments, to review and follow up the action plans,
- To prevent all kinds of disputes and conflicts of interest that may arise from contracts,
- To meet business requirements for information accessibility and information systems