INFORMATION SECURITY POLICY

How can you contact us?

You can reach us at any time during the day at +90(216)466 7342 or via our e-mail address info@modprocess.com.

Purpose
The purpose of the Information Security Policy is to prevent information security incidents or minimize the risk of damage in order to ensure business continuity of Modprocess Makina San ve Tic A.Ş and its affiliated group companies and to reduce the impact of potential threats.

In this context, the Information Security Management System was established and it was aimed to comply with the ISO 27001:2013 standard.

Scope
This policy covers the information assets within Modprocess Makina San ve Tic A.Ş. It is implemented by employees in all locations and suppliers / contractors inside and outside the location.

Responsibility
Information Security The Board of Directors is responsible for ensuring the installation and operation of the Information Security Management System in accordance with the ISO 27001:2013 standard, within the scope of ensuring that the confidentiality, integrity and accessibility values ​​of the company’s information assets are protected and that the risks to the processes are kept at an acceptable level approved by the senior management. Ensuring that the Information Security Management System meets the requirements of the Personal Data Protection Law (KVKK) is among these responsibilities.

Politics

  • The goal of the policy is to protect our companies’ information assets against internal and external intentional or unintentional threats, including their own data and data transmitted by stakeholders.
  • Modprocess Makina San ve Tic A.Ş Coordinator has approved this policy.
  • The Information Security Policy secures all the following requirements:
    • Defining processes and information assets and carrying out risk assessments regarding them methodologically.
    • Protection of information from unauthorized access.
    • Ensuring the confidentiality of information.
    • Protecting the integrity of information.
    • Ensuring access to information whenever business processes need it.
    • Fulfillment of legal obligations and legal obligations arising from contracts.
    • Developing and improving business continuity plans.
    • Providing Information Security training to all employees.
    • Ensuring that all Information Security violations or suspected violations are reported to the Information Security Board of Directors and reviewed.
  • Procedures and associated instructions have been defined to support this policy.
  • Information Security is provided by taking into account business needs.
  • The Information Security Board of Directors ensures the development, documentation and continuous improvement of this policy and all related documents and the Information Security Management System.
  • All management staff are responsible for ensuring that the units they manage comply with this policy and related procedures.
  • Compliance with the Information Security Policy is mandatory for all employees.