At Arı Döküm, we consider the protection of our information assets to be a key element of our business continuity. Ensuring information security means not only meeting legal and regulatory requirements but also creating a trustworthy working environment for our business partners, customers, and employees.

In this regard, our information security policy is shaped around the following principles:

1. Information Security Management and Risk Control • A comprehensive Information Security Management System (ISMS) is implemented to ensure the protection of information assets. • Regular risk assessments are conducted to identify, analyze, and minimize potential risks. • We proactively update our technological infrastructure to prevent security vulnerabilities in business processes and take necessary measures against new threats.
2. Data Privacy and Access Controls • The confidentiality of all corporate and customer information is protected, and strong access control mechanisms are implemented to prevent unauthorized access. • Employees are granted access to information based solely on their job responsibilities according to authorization principles. • Critical data protection is ensured through encryption, secure data storage, and backup procedures. 
3. Legal Compliance and Ethical Principles • We comply with all national and international legislation related to information security and complete the necessary certification processes. • In accordance with internal ethical rules, necessary sanctions are applied in case of any violations of information security policies.
4. Employee Awareness and Security Culture • Regular training and awareness programs are organized to raise employee awareness about information security. • Reporting mechanisms are created to allow employees to detect and report information security threats.
5. Information Security Incident Management and Continuous Improvement • Incident response processes are implemented for early detection and effective management of security breaches. • The company's security infrastructure is regularly reviewed and improved according to technological developments and new threats.
6. Business Continuity and Disaster Recovery Planning • Business continuity plans have been developed for potential cyber-attacks, data loss, or operational disruptions, and necessary scenarios are defined. • Backup and recovery procedures are implemented to ensure the uninterrupted continuation of critical business processes.