Information Security Policy

Anasayfa - Information Security Policy

Our Information Security Policy

Promet Information Systems Inc. , TS EN ISO 27001:2013 The main theme of the Information Security Management System is in information services; To demonstrate that information security management is provided in people, infrastructure, software, hardware, customer information, organizational information, third-party information and financial resources, to secure risk management and turn it into an opportunity, to measure information security management process performance and to assess information security-related issues. To regulate relations with third parties.


In this direction , the purpose of our ISMS Policy ;
  • Against all kinds of threats that may arise from inside or outside, knowingly or unknowingly, Promet Bilgi Sistemleri A.Ş. to protect information assets, to ensure accessibility to information through business processes, to meet legal regulations, to work for continuous improvement,
  • To ensure the continuity of the three basic elements of the Information Security Management System in all activities carried out.
    Confidentiality : Preventing unauthorized access to important information,
    Integrity : Demonstrating that the accuracy and integrity of the information is provided,
    Accessibility : Demonstrating the accessibility of information when necessary by those with authority,
  • Not only the data kept in electronic environment; To deal with the security of all data in written, printed, oral and similar media.
  • To raise awareness by giving Information Security Management trainings to all personnel.
  • Reporting all actual or suspicious vulnerabilities in Information Security to the ISMS Team and ensuring that they are investigated by the ISMS Team.
  • Preparing, maintaining and testing business continuity plans.
  • To determine the existing risks by making periodic evaluations on Information Security. As a result of the evaluations, to review and follow the action plans.
  • To prevent all kinds of disputes and conflicts of interest that may arise from contracts.
  • To meet business requirements for information accessibility and information systems.