Gözen Holding attaches great importance to information security in accordance with its objectives, values and
- Gözen Holding (Corporation) management aims;
- To protect the reliability and image of the corporation,
- To make sure the that the contracts made fulfill the information security requirements, and
- To ensure the continuance of the fundamental and supportive activities of the corporation with minimum
- Gözen Holding, within this scope, undertakes to take measures in order to ensure and protect the
confidentiality, integrity and accessibility of the information assets of the corporation.
- Defining, evaluating and processing the information security risks are addressed under the risk management of
- Everyone that uses the information technologies infrastructure and accesses the information sources of the
- Ensures the confidentiality of the information belonging to the corporation in personal and electronic
communication and the information exchange with third parties,
- Backs up the information he/she processes according to the levels of criticality,
- Takes the security measures determined according to the risk levels,
- Has information about the information security violations, does not commit violation and reports any
information security incidents observed to the Information Security unit,
- Does not share the internal information sources with unauthorized persons, and does not use them for the
activities violating the Republic of Turkey laws and regulations.
- Employees of the corporation, and external parties such as third parties, suppliers, customers, visitors are
required to comply with this policy and the other policies, procedures and instructions ensuring the
implementation of this policy.
- Gözen Holding management is responsible for supporting the information security infrastructure and
maintaining its operation.
- Corporation undertakes to give "Information Security Awareness Training" to all employees in the form
of e-training or classroom training in order to ensure awareness, to continuously improve the information
security, and to meet the legal regulations and arrangements and the applicable expectations of the related
- In case of failure to comply with information security policies, procedures and instructions, sanctions such as
warning, reprimand, termination of contract are applied pursuant to the corporation personnel regulations.
- Corporation's top management is ready to provide any support in order to protect the information assets
according to the rules in the Information Security Policy, create information security awareness, establish a
common corporate culture, determine the risks and take the necessary actions for minimizing the weaknesses, and
execute the applicable sanctions in case of security violations.
- Corporation ensures the compliance with the Information Security requirements by internal and external
inspections, reporting the inspection results to the management and taking the actions related to such results.