INFORMATION SECURITY POLICY
Kalehan, being aware of the importance of information availability and information security for the success of its projects and in achieving business continuity, has adopted the principle of ensuring information security in all its activities.
In this regard, Kalehan protects its information assets against any threat that may occur intentionally or unintentionally and that may originate either internally or externally, and takes necessary measures to ensure access to information at appropriate functions and levels
as required by its business processes.
Kalehan undertakes to comply with legal regulations and meet applicable standards related to information security, and takes into consideration international good practice.
Kalehan ensures the continuity of the three basic elements of the Information Security Management System (ISMS) in all its activities:
- Confidentiality: Preventing unauthorized access to important information,
- Integrity: Ensuring the accuracy and integrity of information,
- Availability: Ensuring the accessibility of information to authorized persons when necessary.
Security of all information assets is ensured, including not only electronic data, but also data stored in written, printed, audio and similar environments.
Business continuity plans will be prepared, implemented and tested to ensure access to information as required by business processes.
Information security risks will be reviewed and measures and controls will be implemented for risks above acceptable levels; action plans will be reviewed and followed up in accordance with the results of risk assessments.
Training will be provided to raise employee awareness on information security, reporting of non-conformances as well as actual or perceived vulnerabilities will be encouraged, reported vulnerabilities and non-conformities will be investigated by the ISMS manager and necessary resources will be provided therefor.
Kalehan is determined to continually improve its information security management system, monitor its targets and acceptability criteria, and thus improve its information security performance.
Kalehan top management undertakes to provide all necessary support in these matters.