INFORMATION SECURITY

Information Security compatible with ISO 27001/IEC

Whereas we, as Adapazarı / Gebze / İzmir Electricity Production Limited Companies, produce electricity through natural gas combined cycle power plant;

  • We guarantee the protection of Enterprise Computing Systems (ECS) and Industrial Control Systems (ICS) and information, services, processes and assets to be produced, stored, processed and forwarded through the said systems
  • That of foreign trade operations, logistics, accounting, finance, data processing, storage and services associated to the said processes and information, services, processes, assets, locations supporting the services in question, and of the features of privacy, integrity and accessibility of employees; and abatements of risks to an acceptable level.

We, in a way of fulfilling the requirements of ISO/IEC 27001:2013 standard, execute the following activities and manage, in an integrated way, them together with other management systems in order to manage any kind of risk towards our information holdings, processes, locations and employees in our information security management system:

  • Providing documentation and keeping it up-to-date
  • Certifying the system and providing the continuity of certification
  • Continuous improvement of Information Security Management System
  • Systematic management of risks towards information holdings
  • Realization of trainings that can develop technical and behavioral capabilities with the purpose of increasing the awareness of information security.

Through the application of this policy and that of other sub-policies in the information security management system, our company, in this context, adopts as principle to comply with legal obligations and with provisions in agreements to be made with third parties (business partners, clients and suppliers), to enable basic and supportive business activities to be carried on with the minimum interruption, to minimize any kind of revenue or opportunity loss resulting from security incidents, and to meet the requirements of information security.

Information Security Systems Documentation