Information Security Policy

1. Objective:
The purpose of this policy is to clearly define the scope and limits of the Information Security Management System (ISMS) implemented by Bodur.

2. Scope:
In the event of any information security breach, it is mandatory to restore services at the lowest acceptable level. The Information Security Management System (ISMS) encompasses all services for which it is managed. The ISMS is the basis for the design, maintenance, and updating of the services and processes provided.

3. Application:
Accordingly, our ISMS Policy complies with the following:;

-Securely managing information assets, identifying the value, needs, and risks these assets may face, and designing and implementing controls against security risks.
- To establish a methodological framework for determining factors such as the value, security needs, vulnerabilities, and threat frequency of information assets.
- To define a framework for analyzing the potential impact of threats on the confidentiality, integrity, and accessibility of assets.
-To define the basic principles to be followed in addressing the risks.
- Continuously assessing security risks by monitoring technological developments within the scope of the services provided.
- To meet information security requirements in accordance with applicable national and international regulations, legal provisions and agreements, as well as corporate responsibilities towards internal and external stakeholders.
-To minimize the impact of information security risks that could threaten service continuity and to ensure uninterrupted operation.
-Having the ability to effectively respond to information security incidents and mitigate their impact.