SabancıDx recognizes corporate information as a valuable asset. The loss or corruption of this information and support business systems or disclosure of them to third parties in a way that can damage SabancıDx or their theft may have a serious impact on the integrity and reputation of the company’s business activities. Therefore, all of SabancıDx’s people are required to be well-informed about Information Security principles.
Information security ensures the protection of the following qualities of information assets;
• Confidentiality: Making information accessible to authorized persons only,
• Integrity: Protecting information against unauthorized change and detecting unauthorized change,
• Availability / Accessibility: Making information available to authorized users when needed.
SabancıDx implements the ISO 27001 Information Security Management System and adopts the following objectives;
• Protecting the credibility of and the image represented by the company,
• Ensuring that the company’s primary and supporting business activities continue with minimum interruption,
• Ensuring compliance with laws, regulations and third-party contracts,
• Ensuring continued improvement of the Information Security Management System to handle risks sufficiently.
SabancıDx policies and procedures apply independently of geographical location or section for all SabancıDx full/part-time, temporary/permanent contract personnel, interns and third-party service providers that use SabancıDx information and/or SabancıDx information system infrastructures.
Users of SabancıDx information and/or SabancıDx information system infrastructures are required to;
• Learn and comply with the Information Security Policy as well as the principles of the protection of confidential information provided in the Business Ethics Rules and other policies and documents,• Ensure the confidentiality, integrity, and accessibility of company information in personal and electronic communications,
• Take security precautions determined according to risk levels,
• Report information security breaches and take precautions that will prevent such breaches,
• Avoid forwarding internal company information resources (announcements, documents etc.) to unauthorized third parties,
• Avoid using the company information system infrastructures for illegal purposes, and protect the confidentiality, integrity, and accessibility of the information of SabancıDx customers, business partners, suppliers or other third parties.