Our organization, operating in the production and sales of bulgur and the sales of pulses, prioritizes customer satisfaction in all its activities. We regard information as our most valuable asset and place the utmost importance on information security and the protection of personal data. In doing so, we act in compliance with applicable legislation, standards, and the needs and expectations of our stakeholders, taking all necessary administrative and technical measures within the scope of data security.
Accordingly, to ensure the continuous improvement of our Information Security Management System (ISMS) established within our organization, we are committed to:
v Evaluating the confidentiality, integrity, and availability impacts of information within the scope of our ISMS, reducing threats to information, and contributing to the continuity of information security,
v Developing and implementing controls to address security risks,
v Defining a framework and methods for identifying security needs, vulnerabilities, threats to assets, and their frequencies,
v Preventing any interruptions that may affect business continuity and ensuring recovery within the targeted time frame in the event of disruptions,
v Minimizing the likelihood of information security breaches and, in the event of an incident, responding in accordance with legal and standard requirements while taking permanent preventive actions,
v Continuously monitoring risks by reviewing technological expectations within the scope of the services provided,
v Fulfilling the requirements of applicable national and international regulations, legal and contractual obligations, and information security requirements arising from corporate responsibilities toward internal and external stakeholders,
v Reducing the impact of information security threats on service continuity and contributing to the sustainability of operations,
v Maintaining the competence to respond promptly and effectively to potential information security incidents to minimize their impact,
v Preserving and enhancing the level of information security over time through a cost-effective control infrastructure,
v Providing employees with awareness, information, and training on Information Security Management System topics at regular intervals,
v Continuously improving the system by considering the results of implementation and improvement activities carried out under the ISMS,
v Conducting studies that meet the requirements of the Personal Data Protection Law (KVKK),
v Managing the requirements of the ISMS and the Personal Data Protection Law (KVKK) in an integrated manner,
v Protecting our organization’s reputation against adverse effects stemming from information security risks,
v Implementing, reviewing, and continually improving practices related to the Information Security Management System.
We hereby commit to upholding this policy.
General Manager