Our Information Security Policy

Kositaş Sigorta ve Reasürans Brokerliği A.Ş. These are assets that are of great importance to you. Any person using information assets and resources or providing information is obliged to protect information assets. All employees using common information assets are expected to show the necessary sensitivity and act by considering other colleagues, corporate employees and corporate values. Confidentiality is given importance as a requirement of corporate values, and all kinds of personal information are protected by systems with the highest security standards. Information is not shared unless the owner of the information requests, authorization or legal requirements.

Kositaş Sigorta ve Reasürans Brokerliği A.Ş. The most critical of all these information assets and resources, the information assets that must be carefully protected, secured, and accessed when needed, are within the body of the server system. Information assets and resources can be located in different locations or environments. Regardless of location or environment, customer communication requirements and corporate values ​​determine the use of these assets and resources. Information security is possible by ensuring not only the confidentiality of information but also its integrity and availability. The requirement for confidentiality of information means granting only access to information assets required within authorization. The integrity of information requires ensuring the completeness and accuracy of all information assets. The availability of information means that information assets can be accessed and used when needed.

The complexity and multiplicity of needs regarding the use, placement and protection of information necessitate the definition of comprehensive and extensive information security processes and policies. Therefore, in line with the determined processes, information security risks are evaluated by those responsible for the information assets, the priority of the risks is determined and the necessary measures are taken. Ensuring the security of the servers is a priority. Asset inventory and possible risks of this inventory are determined in advance and efforts are made to ensure that customers receive safe and uninterrupted service.

Kositaş Sigorta ve Reasürans Brokerliği A.Ş. These are assets that are of great importance to you. Any person using information assets and resources or providing information is obliged to protect information assets. All employees using common information assets are expected to show the necessary sensitivity and act by considering other colleagues, corporate employees and corporate values. Confidentiality is given importance as a requirement of corporate values, and all kinds of personal information are protected by systems with the highest security standards. Unless the owner of the information requests, authorization or legal requirements, the information is not shared. Kositaş Sigorta ve Reasürans Brokerliği A.Ş. The most critical of all these information assets and resources, the information assets that must be carefully protected, secured, and accessed when needed, are within the body of the server system. Information assets and resources can be located in different locations or environments. Regardless of location or environment, customer communication requirements and corporate values ​​determine the use of these assets and resources. Information security is possible by ensuring not only the confidentiality of information but also its integrity and availability. The requirement for confidentiality of information means granting only access to information assets required within authorization. The integrity of information requires ensuring the completeness and accuracy of all information assets. The availability of information means that information assets are accessible and usable when needed. The complexity and multiplicity of needs related to the use, location and protection of information necessitate the definition of comprehensive and comprehensive information security processes and policies. Therefore, in line with the determined processes, information security risks are evaluated by those responsible for the information assets, the priority of the risks is determined and the necessary measures are taken. Ensuring the security of the servers is a priority. Asset inventory and possible risks of this inventory are determined in advance and efforts are made to ensure that customers receive safe and uninterrupted service. In decisions and actions, importance and priority is given to the use of reliable objective information and all the possibilities of technology. The functioning is not according to the assumptions, intuition, feelings and experiments of the people; It is organized according to objective principles set forth by scientific and technological facts. To achieve this, knowledge is transferred from the most advanced sources in the world, adopted and professional practices are carried out in this direction. By using resources efficiently, investing in technology is made, and development continues in this direction. Therefore, the planning, implementation, monitoring and improvement steps of the information security management system are carried out in accordance with the ISO / IEC 27001 Information Security Management System standard and the standards supporting this standard.