As Salkım Orman Ürünleri San. ve Tic. A.Ş., on the subjects in our field of activity; meeting the legal requirements, providing service to meet the needs and expectations of our customers, suppliers and 3rd party interlocutors, ensuring access to quality, fast and secure services, accessing the information assets of Salkım Orman Ürünleri San. ve Tic. A.Ş. employees on time, completely, accurately and without interruption, is of great importance. Salkım Orman Ürünleri San. ve Tic. A.Ş. has decided to establish an Information Security Management System (ISMS) in accordance with the ISO / IEC 27001: 2013 standard in order to protect information about itself, its customers and its 3rd Party counterparts. The purpose of establishing an Information Security Management System is to ensure that information is evaluated within the scope of confidentiality, integrity and accessibility, to protect all threats that may come from inside and / or outside, intentional or accidental, and to carry out activities effectively, accurately, quickly and safely.
Information security is a corporate responsibility and lies in line with our corporate goals. Necessary roles have been defined, responsibilities have been determined and those responsible have been assigned for the healthy operation of information security processes. These responsibilities primarily include all employees using information technology infrastructure, users accessing information systems as a third party, and suppliers providing technical support to information systems. With the establishment of the Information Security Management System, it is aimed to identify and evaluate possible risks in all areas within the scope, to reduce them to an acceptable level by matching them with the controls appropriate to the standard, and to keep the ISMS alive within the institution by applying the risk assessment procedure.
In this context, Salkım Orman Ürünleri San. ve Tic. A.Ş. Undertakes to fulfill the requirements of the standard, to meet legal requirements, to activate all applicable controls, and to constantly improve the Information Security Management System established with new application areas and developing technology at regular intervals every year.