INFORMATION SECURITY AND PRIVACY POLICY
BG-TEK Group Companies recognize the critical role of ensuring the confidentiality, integrity, and availability of all forms of information in their sustainable success and good management practices. They are aware that failure to maintain an adequate level of information security increases the risk of financial loss as well as reputational damage.
This information security policy not only outlines BG-TEK Group Companies' approach to Information Security management but also sets out the guiding principles and responsibilities necessary for safeguarding the security of information systems.
BG-TEK Group Companies are committed to establishing, implementing, operating, monitoring, reviewing, maintaining, and continuously improving their Information Security Management System in accordance with the TS ISO/IEC 27001 and TS ISO/IEC 27701 Standards to ensure the confidentiality, integrity, and availability of the information they are obliged to protect.
As BG-TEK Group Companies, which offer Information Security services and carry out R&D activities, we commit to:
- Monitoring current cyber threats related to our activities with a "zero day" approach,
- Complying with contractual obligations and legal requirements,
- Ensuring that our activities are carried out effectively, accurately, promptly, and securely,
- Conducting our security testing services in compliance with industry standards,
- Carrying out our operations with an awareness of the risks to the confidentiality, availability, and integrity of all types of information assets belonging to our company, customers, employees, suppliers, and business partners,
- Ensuring that the Information Security Management System and awareness of information security become ingrained in our corporate culture,
- Preparing, implementing, and testing the necessary plans to ensure business continuity and service continuity,
- Evaluating and managing risks related to our information assets and processes in accordance with accepted risk management methodologies,
- Staying in communication with special interest groups to benefit from the developing technologies and knowledge in the sectors in which we provide information-based services,
- Complying with laws, regulations, and other legislation related to the protection of personal data by referring to the ISO 27701 Personal Data Management standard.
We commit these principles to all our stakeholders.
GENERAL MANAGER
Kamil BURLU