As employees under the roof of Flokser Inc.; we undertake to fulfill the requirements of Information Security Management System and comply with its’ policies.
The purpose of the system is to guarantee the internal information security, assure the risk management, measure the information security process preformance and setting relations with third parties on information security issues. In this context;
We guarantee below actions are to be carried out and their performances are to be continously developed;
- Managing information assets, designating their security values, requirements and risks, developing and carrying out controls for security risks;
- Defining a framework to assess information assets, values, security requirements, weaknesses, methods for detecting threats and threat frequencies and confidentiality, integrity and accessibility effects of threats on assets;
- Fulfilling information security requirements arising from applicable national or sectoral regulations’, legal and related legislations’ requirements, its’ contractual liabilities and corporate responsibilities to internal and external stakeholders;
- Executing working principles to handle risks;
- Reviewing technological expectations with regards to context served and continously tracking risks;
- Minimizing the effects of information security threats towards service availability and following job continuity plans and realizing promised goals;
- Having the ability to fastly response to information security incidents that may happen and to minimize the effects of the incident;
- With corporate resources and budget control substructure maintaining the information security level and ensuring continous development of it in time;
- Developing the corporate reputation and protecting it against information security based negative effects;
- Complying with TS ISO/IEC 27001 Information Systems and Security Standards;
- About access to information by authorized persons when required, ensuring the security of all datas kept in electronic media and in written, printed, verbal and similar media;
- Giving information security trainings and ensuring all employees are kept awared;
- Realizing designated Information Security Objectives and continous development of its’ performance.