WE CARE ABOUT PRIVACY

We use cookies to give you the best possible experience on our website. Necessary cookies must be set for our website to function properly. You can decide which categories you want to allow. Please note that depending on the settings you have chosen; all functions of the website will may not be available.
You can find more information in our Privacy Policy / Cookie Policy.

INFORMATION SECURITY POLICY

HES Hacılar Elektrik San. ve Tic. A.Ş. manages all kinds of risks related to our business continuity and information assets by establishing and implementing an Information Security Management System (ISMS) that meets the requirements specified in the TS ISO/IEC 27001 Information Security Management System standard.
HES Cable Management agrees and commits to comply with the defined, implemented, and operational Information Security Management System, allocate the necessary resources for the efficient operation of the system, and ensure that it is effectively and continuously improved, making sure that all personnel understand it.
As a result of this commitment, training programs will be organized to enhance technical and behavioral competencies to raise information security awareness. Necessary infrastructure investments will be made. Systematic analysis of risks to information assets will be ensured. By managing the system in an integrated manner with other management systems we apply, we will work with all our strength to become a model organization.
The policy adopted by HES CABLE includes:

  • Ensuring that information is accessible only to authorized individuals for confidentiality protection,
  • Preventing unauthorized access and recording any changes to data to protect its integrity,
  • Ensuring accessibility by granting authorized individuals access when necessary,
  • All policies and procedures supporting this policy are implemented by each department. All legal requirements are fulfilled,
  • Awareness training is provided separately to blue-collar and white-collar employees to raise awareness of information security,
  • All information security vulnerabilities and detected suspicious situations are reported to the relevant parties, who will ensure continuous improvement and controls,
  • Our organization commits to complying with all applicable legal and regulatory requirements. This includes compliance with laws related to personal data protection, intellectual property rights, cybersecurity, and other related laws,
  • A business continuity plan and disaster recovery plan are developed to manage and reduce information security risks. All technical and organizational measures are taken to ensure the sustainability of all information security processes without interruption.