Cookies are used to personalize content and ads, provide social media features, and analyze our traffic. You can accept all cookies with the “Accept” option or you can edit the settings with the "Cookie Settings" option.

TR

    Management Information Systems Policies


    Information Security Policy

    GARENTA recognizes corporate information as a valuable asset. All kinds of corporate information and information belonging to GARENTA and/or our business stakeholders that are used during the activities and the environment where the information is located are critical for our business and responsibilities and must be properly secured. The concept of security consists of 3 components: confidentiality (preventing unauthorized access to information), integrity (complete, accurate, unauthorized unchanged) and availability (ready for use when needed), and a security weakness that may occur in any of these main components may have a serious impact on the integrity and reputation of GARENTA's business activities.

    This policy has been prepared to protect, maintain and manage the confidentiality, integrity and availability of corporate information, information systems, processes and applications. All employees and business stakeholders who use GARENTA information assets are covered by this policy. Regardless of their duties and positions, all GARENTA employees and suppliers are obliged to comply with the security principles specified in the relevant legal regulations, policies, procedures, regulations, GARENTA working principles and contracts, to limit risks and to work within the framework of accepted good practices.

    The manager of each unit is primarily responsible for taking the necessary measures and supervising the activities to ensure compliance with the Information Security Policy in his/her area of responsibility.

    GARENTA aims to protect the information and information assets of itself and its stakeholders with its Information Security Management System. GARENTA Management undertakes to provide the necessary resources for the establishment, implementation, operation and continuous improvement of the Information Security Management System in order to achieve this goal.

    Violation of policies related to information security and failure to implement the necessary controls against risks may cause material and moral damage to GARENTA.  For this reason, information security and/or related policy violations detected as a result of surveillance, audit and/or whistleblowing may lead to the imposition of internal disciplinary penalties, up to and including the initiation of judicial and criminal legal proceedings.

    Business Continuity Policy

    • Ensuring life safety as the first priority in disasters and emergencies,
    • To maintain our reputation as a reputable and solid company that our customers trust and therefore prefer,
    • To establish, operate and continuously improve our business continuity structure by taking into account the expectations of the relevant parties and legal and regulatory obligations,
    • Finding and implementing preventive and protective measures before disaster strikes,
    • Implement our business continuity capacity in line with the requirements of the ISO 22301 standard and continuously improve it according to the practices of the ISO 22301 standard,
    • To set measurable targets for our business continuity structure to meet expectations and go further, and to evaluate them annually,
    • Conduct business impact analysis to identify priority activities that support our products and services,
    • Make preparations to protect and recover priority activities identified in the business impact analysis,
    • To carry out regular drills with realistic scenarios to ensure that our plans work in emergency situations.


    We undertake to ensure and improve business continuity with the established control infrastructure.