Management Systems
INFORMATION SECURITY POLICY
Modern Karton Sanayi ve Ticaret A.Ş. has legal and commercial responsibilities to adequately protect its data and systems and manage any security risks associated with the operation of information technologies. Modern Karton Sanayi ve Ticaret A.Ş. aims to implement an Information Security Management System in accordance with the ISO/IEC 27001 Standard in order to guarantee the confidentiality, integrity, and accessibility of information and communication systems, manage security risks, and protect operational and financial data.
In accordance with the requirements of ISO/IEC 27001 ISMS, we undertake and ensure that the products and services we offer meet the needs and expectations of our customers, and the information of our employees, customers, suppliers, and business partners is properly protected thanks to our processes that we implement and continuously improve with a risk-based thinking approach.
Modern Karton Sanayi ve Ticaret A.Ş. The objective of this Information Security Policy, approved by the Senior Management, is to:
- Protect the information assets of the organisation against all kinds of threats that may arise inside or outside, intentionally or unintentionally,
- Protect the confidentiality and integrity of the information against unauthorised access,
- Ensure accessibility to information as required by business processes,
- Meet the requirements of the legislation,
- Prepare, maintain, and test business continuity plans,
- Ensure awareness by providing information security training to all staff members,
- Make risk analyses to ensure effective management of the Information Security Management System,
- Conduct risk assessment, risk analysis, and risk processing studies to manage information security risks, develop necessary measures, and make efforts to prevent potential risks.
- Identify all existing or suspected vulnerabilities in information security and ensure that necessary actions are taken.
- Meet business requirements for information accessibility and information systems,
- Make the processes within the scope compliant with the Information Security Management System,
- Periodically review the success of our information security management system in meeting the intended results and ensure that the necessary improvements are implemented on time.
Modern Karton Sanayi ve Ticaret A.Ş. Senior Management undertakes to establish and operate the ISMS process by meeting all the requirements in ISO/IEC 27001 to achieve the objectives and policies of the organization, comply with the published and implemented Information Security Management System, allocate the resources and necessary infrastructure investments required for the efficient operation of the system, continuously improve the effectiveness of the process and ensure that it is understood by all employees.