In:
NEWS
The main theme of TS EN ISO 27001: 2013 Information Security Management System is Apaz Medikal Product and Information Software San. Tic. A.Ş. in IT Services; to demonstrate that information security management is provided within human, infrastructure, software, hardware, customer information, organisational information, third party information and financial resources, to ensure risk management, to measure information security management process performance and to ensure the regulation of relations with third parties on information security issues.
In this direction, the purpose of our ISMS Policy is;
- Against all kinds of threats that may occur from inside or outside, knowingly or unknowingly, Apaz Medikal Ürün Ve Bilişim Yazılım San. Tic. A.Ş. to protect information assets, to ensure accessibility to information as required by business processes, to meet the requirements of legal legislation, to work towards continuous improvement,
- To ensure the continuity of the three basic elements of the Information Security Management System in all activities carried out.
Confidentiality: Preventing unauthorised access to important information,
Integrity Demonstrating that the accuracy and integrity of the information is ensured
Accessibility: Demonstrating the accessibility of information to authorised persons when necessary - To deal with the security of not only the data kept in electronic media, but also all data in written, printed, verbal and similar media.
- To ensure awareness raising by providing Information Security Management trainings to all personnel.
- To report to the ISMS Team any actual or suspected gaps in Information Security and to ensure that they are investigated by the ISMS Team.
- Prepare, maintain and test business continuity plans.
- To identify existing risks by making periodic assessments on Information Security. As a result of the assessments, to review and follow up action plans.
- To prevent any disputes and conflicts of interest that may arise from contracts.
- To fulfil business requirements for information accessibility and information systems.
