INFORMATION SECURITY MANAGEMENT COMMITMENT
SunExpress Management is committed to ensuring confidentiality, integrity and availability of its client, employee, shareholder and corporate data that it processes, transfers and stores both physically and electronically.
Supporting initiatives in ensuring and enabling implementation of a holistic Information Security approach that aims to comply with relevant regulations and globally respected professional norms and standards in Information Security Discipline is among the top priorities of SunExpress Management.
In order to achieve high-quality, effective and sustainable Information Security Management System within SunExpress, the management established and authorized a dedicated team of Information Security Professionals under Information Technology function and requires the whole organization to be ISO/IEC 27001:2013 Information Security Management System certified. The management is committed to ensuring and enabling availability of required resources to receive and sustain this certificate.
SunExpress Management accepts the following principles to ensure sound implementation of core Information Security requirements througout the whole organization;
- Adopt risk-focused approach and establish risk aware culture in identification of threats, classification of information assets and remediation of weaknesses where confidentiality, integrity and availability of client, employee, shareholder and corporate data is at stake.
- Embrace compliance to regulatory framework as a standard and reinforce corporate information security posture by adopting internationally respected professional norms and standards.
- Employ all available tools and resources to enable and encourage Information Risk Aware culture throughout the whole organization and provide necessary trainings.
- Ensure and stand for corporate Information Security Standards when establishing and maintaining business relationships and partnerships with external parties.
- Ensure strong and sustainable Information Security Management System lifecycle by establishing, encouraging and supporting health-checks, audits and controls by independent parties.
- Ensure safety and job security of all employees who internally discloses information security violations and wrongdoings.
We strongly emphasize that Information Security is everyone’s responsibility at SunExpress and all employees are bound by Information Security Policies and Procedures.
|Ahmet Fevzi Çalışkan