Information Security Policy

At Adonis Center, we are dedicated to safeguarding the confidentiality, integrity, and availability of information as an essential component of our mission and vision. In alignment with the Information Security Management System (ISMS) standard, we uphold rigorous information security standards to protect our information assets and foster trust among our stakeholders. This policy outlines our commitment to establishing, maintaining, and continually improving our information security practices through the following principles:

1. Setting and Reviewing Security Objectives:
   We define specific, measurable information security objectives that align with our strategic goals and comply with the ISMS standard. These objectives are periodically reviewed to ensure they remain relevant and effective, with activities planned, executed, and controlled to support the continual improvement of our ISMS.

2. Compliance with Legal and Regulatory Requirements:
   Our ISMS framework is designed to meet all applicable legal, regulatory, and contractual obligations, including adherence to the Personal Data Protection Law (KVKK). We systematically incorporate these requirements into our processes and workflows, ensuring compliance in every aspect of our operations and interactions with third parties.

3. Integration with Other Management Systems:
   To maintain a unified and effective approach to risk management, we operate our ISMS in tandem with other management systems within our organization. This integrated approach ensures consistency and alignment across different areas, strengthening our overall information security posture.

4. Defined Roles, Responsibilities, and Resources:
   We clearly define and communicate the roles and responsibilities of all team members within the ISMS framework. Adequate resources are allocated to each role to support the effective functioning of the ISMS, and continuous training ensures our team remains capable and informed about their responsibilities.

5. Establishing Criteria for Information Assets:
   We set clear criteria for the confidentiality, integrity, and availability of our information assets, maintaining a comprehensive inventory of all assets within the ISMS scope. This inventory allows us to monitor and protect critical assets consistently and effectively.

6. Comprehensive Risk Management:
   We identify, evaluate, and manage both current and potential risks that may impact information security. Through a thorough risk assessment process, we select appropriate risk treatment options, establishing measures to mitigate identified risks and reduce their likelihood and impact on our operations.

7. Business Continuity Planning:
   We develop, test, and implement business continuity plans to maintain critical functions during potential disruptions. These plans ensure our resilience in the face of unforeseen events, with processes in place for continuous review and improvement.

8. Innovation and Technological Advancement:
   Adonis Center remains proactive in monitoring and adopting emerging technologies and best practices in information security. By staying informed about the latest advancements, we integrate innovative solutions to strengthen our security defenses and adapt to an evolving threat landscape.

9. Stakeholder Compliance and Engagement:
   We engage all stakeholders, including employees, partners, and suppliers, to comply with our information security standards. Communication channels and training programs are in place to ensure that everyone understands, supports, and adheres to our policies.

10. Building Awareness and Accessibility:
    Our information security policy is communicated across the organization, making it accessible to all employees and ensuring they are aware of their role in maintaining security standards. Regular awareness initiatives and training programs foster a security-focused culture within our team.

11. Incident Response and Policy Violation Management:
    In the event of any policy violations or security incidents, we activate predefined response procedures to address and contain the issue. Corrective actions are monitored to prevent future occurrences, and relevant stakeholders are informed in line with our commitment to transparency and accountability.

At Adonis Center, our Information Security Policy underscores our commitment to protecting information assets and fostering a secure environment for our stakeholders. Through continuous improvement and a proactive approach, we strive to uphold the highest standards of information security to build trust and ensure the resilience of our operations.