AIM
The purpose of the Information Security Policy is to prevent information security incidents or minimize the risk of damage in order to ensure the business continuity of Emre Metal Recycling and its affiliated group companies and to reduce the impact of potential threats.
In this context, it is aimed to establish an Information Security Management System and to comply with the ISO 27001:2013 standard.
SCOPE
This policy covers the information assets of Emre Metal Recycling. Applied by employees in all locations, suppliers/contractors inside and outside the location.
RESPONSIBILITY
The Information Security Board of Directors is responsible for keeping the risks to company information assets at an acceptable level approved by the senior management within the scope of the scope.
POLICY
The goal of the policy is to protect the company's information assets against internal and external intentional or unintentional threats. Emre Metal Recycling General Coordinator has approved this policy. The Information Security Policy secures all the following requirements:
Identification of processes and information assets and methodological realization of risk assessments related to them
Protection of information from unauthorized access
Ensuring the confidentiality of information
Protecting the integrity of information
Access to information whenever business processes need it
Fulfillment of legal obligations and legal obligations arising from contracts
Developing and improving business continuity plans
Providing Information Security trainings to all employees
Ensuring that all Information Security violations or suspected violations are reported and reviewed to the Information Security Board of Directors
Procedures and associated instructions have been defined to support this policy.
Information Security is provided by considering business needs.
The Information Security Board of Directors ensures the development, documentation and continuous improvement of this policy and all related documents, the Information Management System.
All management staff are responsible for the compliance of the units they manage with this policy and related procedures.