{"id":4149,"date":"2024-02-22T17:54:22","date_gmt":"2024-02-22T14:54:22","guid":{"rendered":"https:\/\/lveel.com.tr\/test\/?page_id=4149"},"modified":"2024-02-22T17:58:38","modified_gmt":"2024-02-22T14:58:38","slug":"information-security-policy","status":"publish","type":"page","link":"https:\/\/lveel.com.tr\/test\/en\/information-security-policy\/","title":{"rendered":"Information Security Policy"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"4149\" class=\"elementor elementor-4149\" data-elementor-post-type=\"page\">\n\t\t\t\t<div class=\"elementor-element elementor-element-e5471dd animated-slow e-flex e-con-boxed elementor-invisible e-con e-parent\" data-id=\"e5471dd\" data-element_type=\"container\" data-settings=\"{&quot;animation&quot;:&quot;fadeIn&quot;,&quot;animation_delay&quot;:300,&quot;_ha_eqh_enable&quot;:false}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-a2520d9 e-con-full e-flex e-con e-child\" data-id=\"a2520d9\" data-element_type=\"container\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t<div class=\"elementor-element elementor-element-436d501 elementor-nav-menu--dropdown-tablet elementor-nav-menu__text-align-aside elementor-nav-menu--toggle elementor-nav-menu--burger elementor-widget elementor-widget-nav-menu\" data-id=\"436d501\" data-element_type=\"widget\" data-settings=\"{&quot;layout&quot;:&quot;vertical&quot;,&quot;submenu_icon&quot;:{&quot;value&quot;:&quot;&lt;svg class=\\&quot;e-font-icon-svg e-fas-caret-down\\&quot; viewBox=\\&quot;0 0 320 512\\&quot; xmlns=\\&quot;http:\\\/\\\/www.w3.org\\\/2000\\\/svg\\&quot;&gt;&lt;path d=\\&quot;M31.3 192h257.3c17.8 0 26.7 21.5 14.1 34.1L174.1 354.8c-7.8 7.8-20.5 7.8-28.3 0L17.2 226.1C4.6 213.5 13.5 192 31.3 192z\\&quot;&gt;&lt;\\\/path&gt;&lt;\\\/svg&gt;&quot;,&quot;library&quot;:&quot;fa-solid&quot;},&quot;toggle&quot;:&quot;burger&quot;}\" data-widget_type=\"nav-menu.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<link rel=\"stylesheet\" href=\"https:\/\/lveel.com.tr\/test\/wp-content\/uploads\/elementor\/css\/custom-pro-widget-nav-menu.min.css?ver=1711973650\">\t\t\t<nav class=\"elementor-nav-menu--main elementor-nav-menu__container elementor-nav-menu--layout-vertical e--pointer-underline e--animation-fade\">\n\t\t\t\t<ul id=\"menu-1-436d501\" class=\"elementor-nav-menu sm-vertical\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-4142\"><a href=\"https:\/\/lveel.com.tr\/test\/en\/clarification-form\/\" class=\"elementor-item\">Clarification Form<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-4179\"><a href=\"https:\/\/lveel.com.tr\/test\/en\/information-security-policy\/\" class=\"elementor-item\">Information Security Policy<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-4178\"><a href=\"https:\/\/lveel.com.tr\/test\/en\/kvkk-clarification-form\/\" class=\"elementor-item\">KVKK Clarification Form<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-4177\"><a href=\"https:\/\/lveel.com.tr\/test\/en\/contact-clarification-form\/\" class=\"elementor-item\">Contact Clarification Form<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t\t<div class=\"elementor-menu-toggle\" role=\"button\" tabindex=\"0\" aria-label=\"Menu Toggle\" aria-expanded=\"false\">\n\t\t\t<svg aria-hidden=\"true\" role=\"presentation\" class=\"elementor-menu-toggle__icon--open e-font-icon-svg e-eicon-menu-bar\" viewBox=\"0 0 1000 1000\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M104 333H896C929 333 958 304 958 271S929 208 896 208H104C71 208 42 237 42 271S71 333 104 333ZM104 583H896C929 583 958 554 958 521S929 458 896 458H104C71 458 42 487 42 521S71 583 104 583ZM104 833H896C929 833 958 804 958 771S929 708 896 708H104C71 708 42 737 42 771S71 833 104 833Z\"><\/path><\/svg><svg aria-hidden=\"true\" role=\"presentation\" class=\"elementor-menu-toggle__icon--close e-font-icon-svg e-eicon-close\" viewBox=\"0 0 1000 1000\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M742 167L500 408 258 167C246 154 233 150 217 150 196 150 179 158 167 167 154 179 150 196 150 212 150 229 154 242 171 254L408 500 167 742C138 771 138 800 167 829 196 858 225 858 254 829L496 587 738 829C750 842 767 846 783 846 800 846 817 842 829 829 842 817 846 804 846 783 846 767 842 750 829 737L588 500 833 258C863 229 863 200 833 171 804 137 775 137 742 167Z\"><\/path><\/svg>\t\t\t<span class=\"elementor-screen-only\">Men\u00fc<\/span>\n\t\t<\/div>\n\t\t\t\t\t<nav class=\"elementor-nav-menu--dropdown elementor-nav-menu__container\" aria-hidden=\"true\">\n\t\t\t\t<ul id=\"menu-2-436d501\" class=\"elementor-nav-menu sm-vertical\"><li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-4142\"><a href=\"https:\/\/lveel.com.tr\/test\/en\/clarification-form\/\" class=\"elementor-item\" tabindex=\"-1\">Clarification Form<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-4179\"><a href=\"https:\/\/lveel.com.tr\/test\/en\/information-security-policy\/\" class=\"elementor-item\" tabindex=\"-1\">Information Security Policy<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-4178\"><a href=\"https:\/\/lveel.com.tr\/test\/en\/kvkk-clarification-form\/\" class=\"elementor-item\" tabindex=\"-1\">KVKK Clarification Form<\/a><\/li>\n<li class=\"menu-item menu-item-type-post_type menu-item-object-page menu-item-4177\"><a href=\"https:\/\/lveel.com.tr\/test\/en\/contact-clarification-form\/\" class=\"elementor-item\" tabindex=\"-1\">Contact Clarification Form<\/a><\/li>\n<\/ul>\t\t\t<\/nav>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-be56439 e-con-full e-flex e-con e-child\" data-id=\"be56439\" data-element_type=\"container\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t<div class=\"elementor-element elementor-element-e03a333 elementor-widget elementor-widget-heading\" data-id=\"e03a333\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.20.0 - 26-03-2024 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h2 class=\"elementor-heading-title elementor-size-default\">Information Security Policy<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-29ebf45 elementor-widget elementor-widget-text-editor\" data-id=\"29ebf45\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.20.0 - 26-03-2024 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<p><strong>INFORMATION SECURITY POLICY<\/strong><\/p><p><b>Purpose :<\/b>\u00a0The purpose of this policy is to define the approach and objectives of senior management and to communicate these objectives to all employees and interested parties, in order to prevent violations of the law, legal, regulatory or contractual obligations and any security requirements.<br \/>Scope: This policy protects electronic information assets obtained from logistics, storage, accounting, finance, quality assurance, purchasing, human resources, law, sales, marketing, internal audit and information processing activities related to commercial activities carried out within the Company and these transactions, It covers the information security processes used to process, store and protect personal data held within the scope of the law and to ensure that its confidentiality and integrity are not compromised.<br \/>Definitions<\/p><p>3.1. ISMS:\u00a0Information Security Management System.<\/p><p>3.2. Inventory:\u00a0Any information assets that are important to the firm.<\/p><p>3.4. Know-How: It is the ability to do something.<\/p><p>3.5. Information Security:\u00a0Information, like all other corporate and business assets, is an asset that has value to a business and therefore must be appropriately protected. Within the company, know-how, process, formula, technique and method, customer records, marketing and sales information, personnel information, commercial, industrial and technological information and secrets are considered CONFIDENTIAL INFORMATION.<\/p><p>3.6. Confidentiality: Restricting the viewing of the content of the information to only those who are allowed to view the information\/data<\/p><p>3.7. Integrity: It is the ability to detect unauthorized or accidental changes, deletions or additions or deletions of information and to guarantee detectability.<\/p><p>3.8. Accessibility\/Availability:\u00a0The availability of the asset whenever it is needed. In other words, the systems are always available and the information in the systems is not lost and is always accessible.<\/p><p>3.9. Information Asset: Assets owned by the Company that are important for the Company to carry out its activities without disruption. Information assets within the scope of the processes subject to this policy are:<\/p><p>3.9.1. All kinds of information and data presented in paper, electronic, visual or audio media,<\/p><p>3.9.2. All kinds of software and hardware used to access and change information,<\/p><p>3.9.3. Networks that enable the transfer of information,<\/p><p>3.9.4. Facilities and special areas,<\/p><p>3.9.5. Departments, units, teams and employees,<\/p><p>3.9.6. Solution partners,<\/p><p>3.9.7. Services or products provided by third parties.<\/p><p>Responsibilities\u00a0The qualifications and competencies of the tasks with designated responsibilities and authorities are defined in the job descriptions. Senior Management is responsible for maintaining and developing activities related to information security.<\/p><p>4.1. Management Responsibility<\/p><p>4.1.1. The Company Management undertakes to comply with the defined, put into effect and implemented Information Security System, to allocate the necessary resources for the efficient operation of the system, and to ensure that the system is understood by all employees.<\/p><p>4.1.3. Management helps lower-level personnel take responsibility and set an example regarding security. The understanding that starts and is implemented from the upper levels must be carried down to the lowest level personnel of the company. Therefore, all managers support their employees in writing or verbally to comply with security instructions and participate in studies on security issues.<\/p><p>4.1.4. Senior Management creates the budget required for comprehensive information security studies.<\/p><p>4.2. Department Employee Responsibilities\u00a0They are responsible for implementing the Information Security Policy and ensuring that employees comply with the principles, ensuring that third parties are aware of the policy, and reporting security violations related to information systems that they notice.<\/p><p>4.5. Responsibility of All Employees<\/p><p>4.5.1. Conducting its work in accordance with information security targets,<\/p><p>4.5.2. He\/she monitors the information security targets related to his\/her unit and ensures that the targets are achieved.<\/p><p>4.5.3. Paying attention to and reporting any observed or suspected information security vulnerabilities in systems or services,<\/p><p>4.5.4. In addition to service agreements (consultancy, etc.) made with third parties that are not the responsibility of Purchasing, it is responsible for making confidentiality agreements and ensuring information security requirements.<\/p><p>4.6. Responsibility of Third Parties It is responsible for knowing and implementing the information security policy and complying with the behaviors determined within the scope of ISMS.<\/p><p>Information Security Goals Information Security Policy is to guide the Company&#8217;s employees to act in accordance with the security requirements of the company, to increase their level of consciousness and awareness, and thus to ensure that the company&#8217;s basic and supporting business activities continue with the least interruption, to protect its reliability and image, and to It aims to protect the physical and electronic information assets that affect the entire operation of the company in order to ensure the compliance specified in the contracts.<br \/>Risk Management Framework The company&#8217;s risk management framework; It covers the identification, assessment and processing of information security risks. The Risk Analysis, applicability statement and risk treatment plan define how information security risks are controlled.<br \/>General Principles of Information Security<br \/>7.1. Details regarding the information security requirements and rules outlined by this policy, Company employees and third parties are obliged to know these policies and procedures and to carry out their work in accordance with these rules.<\/p><p>7.2. These rules and policies are essential to be taken into consideration for all information stored and processed in printed or electronic media and for the use of all information systems, unless otherwise stated.<\/p><p>7.3. The Information Security Management System is structured and operated based on the TS ISO\/IEC 27001 &#8220;Information Technology Security Techniques and Information Security Management Systems Requirements&#8221; standard.<\/p><p>7.4. It carries out the implementation, operation and improvement of ISMS with the contribution of relevant parties.<\/p><p>7.5. The information systems and infrastructure offered by the company to employees or third parties, and all information, documents and products produced using these systems, belong to the company, unless there are legal provisions or contracts requiring otherwise.<\/p><p>7.6. Confidentiality agreements are made with employees, consultancy, service procurement (Security, service, catering, cleaning company, etc.), Suppliers and Interns, or relevant clauses are added to the contracts.<\/p><p>7.7. Information security controls to be applied during recruitment, job change and termination processes are determined and implemented.<\/p><p>7.8. Trainings that will increase employees&#8217; information security awareness and enable them to contribute to the functioning of the system are regularly given to existing company employees and newly hired employees.<\/p><p>7.9. All actual or suspected breaches of information security are reported; Nonconformities that cause violations are identified, the main reasons are found and measures are taken to prevent repetition.<\/p><p>7.10. Corporate data is classified and the security needs and usage rules of data in each class are determined.<\/p><p>7.11. Physical security controls are applied in parallel with the needs of assets stored in secure areas.<\/p><p>7.12. Necessary controls and policies are developed and implemented for the company&#8217;s information assets against physical threats they may be exposed to inside and outside the company.<\/p><p>7.13. Procedures and instructions regarding capacity management, relations with third parties, backup, system acceptance and other security processes are developed and implemented.<\/p><p>7.14. Audit record generation configurations for network devices, operating systems, servers and applications are adjusted in line with the security needs of the relevant systems. Audit records are protected against unauthorized access.<\/p><p>7.15. Access rights are assigned based on need. The most secure technology and techniques possible are used for access control.<\/p><p>7.16. Security requirements are determined during system procurement and development, and it is checked whether the security requirements are met during system acceptance or testing.<\/p><p>7.17. Continuity plans for critical infrastructure are prepared, maintained and exercised.<\/p><p>7.18. Necessary processes are designed to comply with laws, internal policies and procedures, and technical security standards, and compliance assurance is provided through continuous and periodic surveillance and audit activities.<\/p><p>Violation of the Policy and Sanctions If it is determined that the Information Security Policy and Standards are not complied with, the sanctions specified in the relevant articles of the contracts, which are also valid for 3rd Parties, are applied to the employees responsible for this violation, according to the Disciplinary Regulation.<\/p><p>Management Review Review meetings are held with the participation of Senior Management and Department managers. These meetings, where the suitability and effectiveness of the Information Security Management System are evaluated, are held at least once a year.<\/p><p>Updating and Reviewing Information Security Policy Document<br \/>Senior management is responsible for ensuring the continuity and review of the policy document. Policies and procedures should be reviewed at least annually. Apart from this, it should also be reviewed after any changes that will affect the system structure or risk assessment, and if any changes are necessary, they should be approved by the senior management and recorded as a new version. Each revision must be published in a way that is accessible to all users.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>INFORMATION SECURITY POLICY Purpose :\u00a0The purpose of this policy is to define the approach and objectives of senior management and to communicate these objectives to all employees and interested parties, in order to prevent violations of the law, legal, regulatory or contractual obligations and any security requirements.Scope: This policy protects electronic information assets obtained from [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"categories":[],"class_list":["post-4149","page","type-page","status-publish","hentry"],"lang":"en","translations":{"en":4149,"tr":3899},"pll_sync_post":[],"_links":{"self":[{"href":"https:\/\/lveel.com.tr\/test\/wp-json\/wp\/v2\/pages\/4149","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lveel.com.tr\/test\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/lveel.com.tr\/test\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/lveel.com.tr\/test\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lveel.com.tr\/test\/wp-json\/wp\/v2\/comments?post=4149"}],"version-history":[{"count":10,"href":"https:\/\/lveel.com.tr\/test\/wp-json\/wp\/v2\/pages\/4149\/revisions"}],"predecessor-version":[{"id":4160,"href":"https:\/\/lveel.com.tr\/test\/wp-json\/wp\/v2\/pages\/4149\/revisions\/4160"}],"wp:attachment":[{"href":"https:\/\/lveel.com.tr\/test\/wp-json\/wp\/v2\/media?parent=4149"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lveel.com.tr\/test\/wp-json\/wp\/v2\/categories?post=4149"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}