Our Information Security System Policy
ANADOLU MOTOR considers corporate and personal information as an extremely valuable asset. Information assets and business systems are, therefore, critical to our business and need to be properly protected.
The purpose of Information Security is to ensure that ANADOLU MOTOR's information assets remain in the possession of authorized persons and that "Confidentiality, Integrity and Accessibility of Information Assets" is ensured.
The principles and measures set out in the Information Security Policies, related procedures, and other annexes defined for our organization have been updated to represent the current objectives. Please review the current versions. It is the responsibility of all ANADOLU MOTOR personnel, regardless of their position or duties, to read and follow updates.
Third-party stakeholders who have access to ANADOLU MOTOR information and their affiliated support personnel must adhere to the general principles of the Information Security Policy and other security rules and obligations they must comply with.
All employees are expected to fulfill the following requirements.
• Ensuring the Confidentiality, Integrity, and Accessibility of ANADOLU MOTOR's information assets continuously.
• Taking measures to eliminate the loss, corruption, or misuse of information assets belonging to ANADOLU MOTOR.
• Ensuring that the scope, content, and implementation of Information Security standards are sufficient to address the level of risk ANADOLU MOTOR faces and that legal, regulatory, policy, and best practices are complied with.
The Information Technologies Directorate is the functional owner of the policies and procedures describing Information Security activities and is responsible for their implementation within ANADOLU MOTOR.
Everyone is primarily responsible for taking the necessary measures to ensure compliance with the Information Security Policy and for monitoring the system.
The principles of the Information Security Policy are applied in parallel with the Information Security Procedure. Information Security Policy violations are also a violation of ethical rules and may result in disciplinary action. Violations of the Information Security Policy, whether detected as a result of surveillance, audit, or denunciation, may result in disciplinary action, up to and including termination of employment.
Working together on the implementation of this policy is essential for the continuous protection of our information assets and reputation and the continuity of our business success.