Information Security Policy

In order to manage all kinds of risks towards business continuity and information assets within the scope of its activities in accordance with its Information Security Policy, Demir Export:

• fulfills the requirements of Information Security Standards,
• complies with all legal regulations regarding Information Security,
• identifies the risks to information assets and systematically manages risks,
• continuously reviews and improves the Information Security Management System,
• provides trainings to develop technical and behavioral competencies in order to increase Information Security awareness,
• reports all actual or suspicious vulnerabilities in information security to the Information Security Officer and ensures that the said vulnerabilities are investigated by the Information Security Officer,
• ensures accessibility to information through business processes as necessary,
• protects the confidentiality and integrity of information against access by unauthorized persons,
• protects the information assets of the organization against all kinds of threats that may arise knowingly or unknowingly from inside or outside,
• establishes and maintains risk management, and
• meets the business requirements for information accessibility and information systems.