Neoone AŞ - Information Security Policy
The main theme of our ISO 27001:2022 Information Security Management System:
* In our organization's services; Demonstrating that information security management is ensured within human, infrastructure, software, hardware, customer information, organizational information, third party information and financial resources;
* To ensure risk management;
* Measuring information security management process performance;
* To ensure the regulation of relations with third parties on matters related to information security.
In this regard, the purpose of our ISMS Policy is:
- To protect the information assets of Neoone Teknoloji Ticaret AŞ and related parties against all kinds of threats that may occur from inside or outside, knowingly or unknowingly;
- Ensuring accessibility to information through business processes as required;
- To meet legal regulatory requirements;
- To work towards continuous improvement;
- Ensuring the continuity of the three basic elements of the Information Security Management System in all activities carried out:
Privacy: Preventing unauthorized access to important information,
Integrity: Demonstrating that the accuracy and integrity of the information is ensured,
Accessibility: Demonstrating that information can be accessed by authorized persons when necessary.
- Both electronically and in written, printed, oral, etc. To continue IT activities uninterruptedly by ensuring the security of all data in physical and electronic environments,
- To raise awareness by providing Information Security Management training to all personnel,
- Reporting all existing or suspicious vulnerabilities in Information Security to the ISMS Team,
- Preparing, maintaining and testing business continuity plans,
- To identify current risks by making periodic evaluations on Information Security.
- All our personnel, including outsourced personnel and interns, and all external parties defined in the ISMS; He is responsible for carrying out all his work in a way that ensures the protection of information within our company.
Within the scope of our ISO 27001:2022 ISMS Policy, we undertake the following:
* To document, certify and ensure continuous improvement of our ISMS system with all sub-procedures and instructions in order to meet the requirements of the ISO 27001:2022 standard,
* To maximize the ISMS consciousness and awareness of our staff,
* To ensure the confidentiality of the information assets of all our stakeholders within the scope of ISMS.