» Information Security Policy

Identify risk acceptance criteria and risks, develop and implement controls,

To ensure the implementation of the information security risk assessment process to identify risks related to the loss of confidentiality, integrity and accessibility of information and related data within the scope of the Information Security Management System, and to identify risk owners,

To define a framework for assessing the confidentiality, integrity and accessibility impacts of information and related data within the scope of the Information Security Management System,

Continuously monitor risks by reviewing technological expectations in the context of the scope served,

To ensure the Information Security requirements arising from the national or sectoral regulations to which it is subject, to fulfill the requirements of legal and relevant legislation, to meet its obligations arising from agreements, and its corporate responsibilities towards internal and external stakeholders,

To reduce the impact of Information Security threats to service continuity and contribute to continuity,

To have the competence to quickly intervene in Information Security incidents that may occur and to minimize the impact of the incident,

To maintain and improve the level of information security over time with a cost-effective control infrastructure,

To improve the reputation of the organization and protect it from negative effects based on information security,

To ensure information security within this scope by making Confidentiality, Integrity, Accessibility evaluations of information for all levels of information that Zağnos Tour hosts and acquires within the scope of its main activities and business processes,

Within the scope of Zağnos Tour Information Security Management System practices, an information classification guide has been created to increase corporate awareness about information with different levels of sensitivity in terms of confidentiality, to determine and implement logical, physical and administrative controls recommended to be applied for information with different sensitivity levels, and to define access and control rules within the scope of Information Security Management System practices of data in portable media.

Zağnos Tour Senior Management is committed to the realization, review and continuous improvement of practices related to Information Security.