As Enerjisa Üretim, we aim to establish and maintain the Information Security Management System per the ISO 27001 standard requirements. The system's primary purpose is to ensure the confidentiality, integrity, and availability of information that must be protected according to regulations, supporting daily operations and the continuity of strategic competitive advantage.
For the establishment and operation of the Information Security Management System, Enerjisa Üretim:
Creates a practical and adequate information security risk management approach to reduce or eliminate defined risks in the scope and allocates necessary resources to minimize information security risks to an acceptable level.
Organizes regular training and educational activities to increase employees', third-party, and stakeholders' awareness of their roles and responsibilities regarding Information Security.
Develops and maintains appropriate business continuity plans and systems to ensure the continuity of critical processes.
Takes appropriate measures to manage information security breaches and prevent their recurrence.
Complies with all applicable laws, energy market regulations, contractual obligations, industry standards, and other relevant internal and external requirements, continuously improving in this direction.
Continuously improves the Information Security Management System by setting security control objectives through regular audits and reviews.
Ensures all employees comply with the Information Security Management System policies, procedures, and controls.