TEKAY YEDEK PARÇA SAN. ve TİC. A.Ş aims to establish, implement and improve Information Security Management System (ISMS) for the protection of Confidentiality, Integrity and Accessibility of its information portfolio.
In this context, we undertake:
- To determine Information Security needs of related parties and establish necessary controls within the compass of risk analysis,
- To form Policies, Procedures and Instructions and disseminate the same for the management of Risks related to ISMS and for keeping them under control,
- To improve Information Security awareness of personnel,
- To appoint adequate number of personnel related to ISMS or to increase the level of knowledge of existing personnel,
- Directing and supporting persons for their contribution to ISMS activities,
- Supporting management roles related to ISMS to enable them to display their leadership in their own areas of responsibility,
- To ensure allocation of necessary resources needed for ISMS and at an acceptable level within the framework of risk analysis,
- Determination of Information portfolio,
- Analyzing of risks related to information portfolio,
- Selecting and implementing appropriate controls related to analyzed risks,
- Forming an “Applicability Declaration” by matching selected controls with controls indicated in ISO 27001:2013 Annex A and its improvement,
- Consistent measurement of performance of implemented controls and determination of their effectiveness,
- Performing regular internal audit activities that include ISMS,
- Taking corrective action and precautions regarding non-conformance without delay,
- To improve ISMS by holding regular Management Review Meetings.
As it is the case in all activities of our company, in ISMS infrastructure works are carried out by compliance to self-reliance, righteousness, objectivity, confidentiality and reliability principles.
All personnel and third party firm employees are obliged to comply with documents included in management system within the framework of their duties and responsibilities.