OPAL Makina Ambalaj Kimya San. Tic. A.Ş., considering the importance of information security and its impact on the competitiveness of the organization, has decided to establish an Information Security Management System (ISMS) in order to protect information assets, reduce risks and ensure legal compliance.
The objectives underlying this decision can be listed as follows:
- Protecting Corporate Reliability and Image
- Mitigating Risks Related to Information Assets
- Complying with Legal Obligations and Legislation
- Increasing Information Security Awareness of Employees
- Providing Continuous Access to Information
To achieve these objectives, OPAL declares that it will fulfill the following commitments
ISO/IEC 27001 Standard Compliance: The ISMS will be established and implemented in accordance with the terms and requirements of the ISO/IEC 27001 Information Security Management System standard.
Legal Compliance: ISMS will be operated in compliance with the laws, regulations, circulars and relevant standards of the Republic of Turkey.
Protection of Information Assets: ISMS will include measures to protect all information assets against threats such as unauthorized access, use, disclosure, modification and destruction.
Risk Management: ISMS will include mechanisms to ensure that risks to information assets are assessed and identified risks are reduced to acceptable levels.
Awareness Programs: ISMS will provide regular information security awareness programs to employees and relevant supplier employees.
Information Security Incident Management: ISMS will define processes for detecting, reporting and taking corrective actions for information security incidents.
Business Continuity Planning: ISMS will ensure continuous access to information through business continuity plans and disaster recovery strategies.
Resource Allocation: OPAL will allocate the necessary resources to implement, maintain and improve the ISMS.
Supplier Management: ISMS will ensure that the information security performance of suppliers and contractors is taken into account and cooperation is ensured.
Sanctions for Security Violations: ISMS will ensure that necessary sanctions are applied in case of security breaches.
Dynamic Structure and Communication: ISMS will create a dynamic structure to adapt to the developments in the field of information technologies and increase communication with relevant authorities and stakeholders.