Our Information Security Management System Policy
The main theme of TS EN ISO 27001: 2013 Information Security Management System; Desmer Security “Security services, Physical Security Services, Information Security activities of cash and valuable goods transportation, storage and process services In its activities; to demonstrate that information security management is provided within human, infrastructure, software, hardware, organizational information, third party information and financial resources, to ensure risk management, to measure information security management process performance and to regulate relations with third parties on information security issues.
In this direction, the purpose of our ISMS Policy is;
– Managing information assets, determining the security values, needs and risks of assets, developing and implementing controls for security risks
– Define the framework for identifying information assets, values, security needs, vulnerabilities, threats to assets, methods for determining the frequency of threats.
– To continuously improve the Information Security Management System.
– Define a framework for assessing the confidentiality, integrity, availability impact of threats on assets.
– To set out the working principles for the processing of risks.
– Continuously monitor risks by reviewing technological expectations in the context of the scope served
– To ensure the information security requirements arising from national or international regulations to which it is subject, fulfilling the requirements of legal and relevant legislation, meeting its obligations arising from agreements, and corporate responsibilities towards internal and external stakeholders.
– Reducing the impact of information security threats to service continuity and contributing to continuity
– To have the competence to quickly intervene in information security incidents that may occur and minimize the impact of the incident
– To maintain and improve the level of information security over time with a cost-effective control infrastructure.
– To improve the reputation of the organization and protect it from negative effects based on information security.