Yekaş Fides Global Logistics | Information Security Policy
1521
page-template-default,page,page-id-1521,ajax_fade,page_not_loaded,,qode_grid_1300,footer_responsive_adv,hide_top_bar_on_mobile_header,qode-theme-ver-14.3,qode-theme-bridge,wpb-js-composer js-comp-ver-5.4.7,vc_responsive
 

Information Security Policy

YEKAŞ & FIDES GLOBAL LOGISTICS INC. (YEKAŞ & FIDES) was established in May 1998 and provides services in international land, sea and air transportation.

 

Competitive conditions, the reliability of our company, ensuring the security of the information we access, ensuring that our products and services comply with the expectations of our customers and international standards, not only in terms of functionality and performance, but also in terms of security are important factors to consider.

 

As YEKAŞ & FIDES, it is our foremost duty to protect the corporate and commercial reputation of our company. In this context, it is an inseparable part of this duty to ensure the security of the information of our Company, our employees and our customers and to ensure the continuation of our processes with minimum interruption.

 

In line with this task, within the scope of corporate governance strategies, YEKAŞ & FIDES, aiming to reach reliable information solutions by establishing a risk-based management system in accordance with international standards and to protect its information in the most appropriate way, has started the establishment of an information security management system (ISMS) in order to realize and document this goal. and took the ISO 27001:2013 standard as a reference, which aims to create a common understanding of information security among institutions.

 

It is important for us to minimize the risks involved in implementing an ISMS, in which risks regarding information security will not be ignored in our functional processes and controls to manage risks will be determined and implemented, in a way to cover business processes and physical and electronic information assets within YEKAŞ & FIDES, to ensure that it is updated and to maintain its functionality. is a factor.

 

YEKAŞ & FIDES Information Security Management System has been established with the contribution of all employees and is continuously improved with their conscious and subject-sensitive approach. In order to protect and process information and information resources in a way that supports business objectives, new business steps and tasks need to be defined. The reflections of information security-related activities on the job descriptions of the employees are explained in the Organization Handbook.

 

Information security, in our company; It is accepted as ‘protecting the confidentiality, integrity and accessibility of information’. In this context; At YEKAŞ & FIDES,

 

Confidentiality – Protecting sensitive information from unauthorized access,

Integrity – The ability to preserve the accuracy and completeness of information,

Accessibility – It is perceived as the information being ready for use by the necessary people when needed.

 

ISMS studies are structured on risk assessment, first of all, business processes and all information assets owned by our Company were determined, and the owners of the processes and assets were determined. Process and asset owners, their processes and assets; In terms of confidentiality, integrity and accessibility, care has been taken to ensure that people who know the importance, risks, risk sources and causes, possibilities of occurrence of risks, their effects and the level of protection required for the Company best, and it is foreseen that these data should be taken as basis in risk assessment.

 

All employees working within our company and individuals and organizations that work within the framework of contracts; to protect the confidentiality, accuracy and integrity of information in electronic, printed documents and other forms, to keep information sources alive at all times, to provide the necessary level of security and backup, not to use information in violation of laws and regulations, and not to transmit “Company-specific” information outside the company without authorization. They should be aware of the fact that they can be held responsible for malfunctions when necessary.

 

An information security committee has been established in our company for the coordination of information security management activities. This committee, which takes part in the formation of policies, procedures and standards related to the information security policy and the sub-fields of information security, will also undertake the task of keeping the system up-to-date over time. CFO, Administrative Affairs Manager and Information Security Manager serve in the committee chaired by the CEO.

 

The Committee, which is expected to meet at least once a year, will review the security policy at these meetings, be authorized and responsible for the continuous improvement of processes and other subsystems, ensuring their operability without interruption, fulfilling the requirements of the ISO 27001: 2013 standard and the efficiency of coordination with the ISO 9001 quality management system. . Any change in the information management system requires a review meeting.

 

Sanctions in the ‘Personnel Regulations’ will be applied to those who knowingly or unknowingly violate or cause a violation of information security in our Company.

 

YEKAŞ & FIDES employees at all levels make the expected contribution and fully implement the system, as well as all our activities, to ensure that our Information Security Management System is carried out without interruption and in a way that fulfills all legal obligations, thus protecting our reliability and reputation at the highest level.

 

Rafet Uyanık

Chairman of the Board

01.02.2021