• 0

INFORMATION SECURITY POLICY


Monami Kozmetik Pazarlama ve Ticaret Anonim Şirketi and all its employees are committed to effectively managing all risks to our information security, business continuity, and information assets. In line with this commitment, our company undertakes the following principles and practices:


  • To ensure the continuous and uninterrupted operation of the information technology services used in the execution of our corporate activities, and to provide the necessary infrastructure and measures to guarantee that information is accessible only by authorized personnel.


  • To comply with all applicable national and international laws, regulations, and standards related to information security.


  • To organize regular training programs to raise awareness among our employees regarding information security and to foster a culture of security across the organization.


  • To manage and classify all information assets, assess their security value, identify needs and risks, and ensure proper protection.


  • To develop and implement appropriate controls to address identified information security risks.


  • To establish a framework that defines information assets, their values, security needs, vulnerabilities, potential threats, and the methods used to determine threat frequency and impact.


  • To ensure that outsourced service providers and third-party partners meet our information security requirements and comply with our Information Security Management System (ISMS).


  • To define and monitor the information security requirements for all suppliers and third parties, ensuring ongoing compliance with our company’s standards.


  • To determine, document, and regularly audit our company’s information security standards, ensuring continuous improvement and compliance.


  • To maintain the capability to respond promptly and effectively to any information security incidents that may occur, minimizing their impact and preventing recurrence.


  • To sustain and enhance the level of information security over time through a cost-effective control infrastructure.


  • To protect and enhance our company’s reputation by preventing any negative effects arising from information security incidents.