Information Security Policy
Insider enables accurate customers to be identified with zero marketing waste, thus creating value for all Business Partners with the aim of ensuring revenue, growth, and loyalty in companies engaged in digital marketing with Acquisition, Activation, Retention and Revenue solutions. While delivering these solutions, within the scope of the ISMS and in all units within the scope of the ISMS, Insider has committed
- To establish an information security management system,
- To implement it,
- To review its effectiveness,
- To improve it continuously,
- To maintain confidentiality, integrity and accessibility of information by applying the asset and risk management processes,
- To give assurance to the parties that the risks are managed correctly
- To provide the necessary resources to achieve the objectives and objectives of the information security management system,
- To comply with legal and other requirements.
Insider, in this context, is obligated
- To establish, implement, review and continuously improve an information security management system based on the ISO / IEC 27001: 2013 Information Security Management System Standard in order to ensure the confidentiality, integrity and accessibility of information assets,
- To determine the authorities, roles and responsibilities for the establishment and execution of Information Security Management System; periodically review these powers, roles and responsibilities,
- To comply with all legal regulations and contracts related to information security,
- To determine the risks at certain time intervals and manage the risks by taking necessary actions in order to protect the information and information assets,
- To prepare and test business continuity plans so that their activities and their responsibilities to their stakeholders are not interrupted in the face of any negative impacts,
- To manage information security openings and infringement events and ensure that they are not repeated,
- To organize trainings that will increase the awareness of its employees and all other stakeholders on information security and to follow up the results with the awareness that the most important element in ensuring information security is human.
This policy is approved by Insider Senior Management. The Information Security Manager is primarily responsible for ensuring compliance with the Information Security Policy and related policies. Insider Information Security Policies and Procedures, whether full-time, part-time, permanent or contracted, are valid and mandatory for all personnel using company information or business systems, regardless of geographic location or business unit. All persons, such as third-party service providers and their affiliated support personnel, who do not qualify for such classifications, must adhere to the general principles and other security responsibilities and obligations they have to comply with.