Information Security Policy
This policy has been established by the BITES Information Security Committee and approved by BITES Senior Management. The purpose of the policy is to define the basic principles to ensure the reliability, continuity, and sustainability of services.
Core Principles
-
Identifying strategic corporate risks and taking necessary measures with recurring risk management methods
-
Preventing unauthorized use, alteration, disclosure, or damage to information assets
-
Ensuring that all personnel receive information security training
-
Establishing contracts with service and material suppliers that meet information security requirements
-
Ensuring the protection of personal data obtained from third parties in accordance with Law No. 6698
-
Taking business continuity measures to ensure the continuation of activities
-
Operating the planning, implementation, control, and preventive processes of the Information Security Management System (ISMS)
-
Carrying out continuous improvement activities for the sustainability of the ISMS
-
Ensuring access control in accordance with the "need to know" principle and protecting information against unauthorized access