The main theme of TS EN ISO 27001-2013 is to prove that information security processes are carefully managed at PAPILON SAVUNMA A.Ş. The system functions to guarantee risk management, assess the performance of information security management processes, and ro regulate the relationships with third parties on the matters of information security.

In this respect, the functions of the Information Security Managements System Policy are:

  • To protect the information assets of PAPİLON A.Ş. against internal and external; intentional and unintentional hazards.

  • To provide access to information in a way that complies with the needs of business processes.

  • To satisfy the conditions laid out in relevant legislation.

To guarantee the endurance of all three components of Information Security Management System in all corporate activities.

  • Privacy: To prevent access to important information by unauthorized agents.
  • Entirety: To show that the veracity and integrity of said information is ensured.
  • Accessibility: To show that the authorized actors have access to the said information in cases of need.
  • To ensure personnel awareness about the vitality of specified information and information security processes through necessary training.

  • To report all actual and doubted vulnerabilities to Information Security Management System (ISMS) team, and to ensure that such reports are investigated by ISMS manager.

  • To prepare, maintain, and test business continuity plans.

  • To make periodical evaluations to locate existing risks.

  • To review and follow up on the action plans prepared in the light of aforesaid evaluations.

  • To prevent any agreement-related conflicts of interest or discordances.

  • AND To fully satisfy the requirements of maintaining strong information systems and information accessibility.