Bu politikanın amacı, Vem İlaç personelinin Sistem, Bilgi ve Varlıklarının Gizlilik, Bütünlük ve Erişebilirlik özelliklerine uyması gereken çalışma kurallarını belirlemektir.
The purpose of this policy is to determine the rules to prevent any loss, change or misuse of information that may occur during information and software exchanges between Vem Pharmaceuticals and third parties.
Bu politika Kurumun Bilgi Güvenliği Yönetim Sistemi kapsamındaki mevcut ve yeni alınacak donanım ve yazılım varlıkları ile fiziksel alan erişimlerini kapsamaktadır.
This policy covers the existing and new hardware and software assets to be purchased within the scope of the Information Security Management System of the Institution, as well as physical space accesses.
Bu politikanın uygulanmasından tüm yönetici ve çalışanlar sorumludur.
All managers and employees are responsible for the implementation of this policy.
To ensure the continuity of the three basic elements of the Information Security Management System in all activities carried out.
Gizlilik: Önem taşıyan bilgilere yetkisiz erişimlerin önlenmesi
Privacy: Preventing unauthorized access to important information
Bütünlük: Bilginin doğruluk ve bütünlüğünün sağlandığının gösterilmesi
Integrity: Demonstrating that the accuracy and integrity of information is ensured
Erişebilirlik: Yetkisi olanların gerektiği hallerde bilgiye ulaşılabilirliğinin gösterilmesi
Accessibility: Demonstrating the accessibility of information by those with authority when necessary
Protecting the information assets of Vem Pharmaceuticals against all kinds of threats that may occur from inside or outside, knowingly or unknowingly, ensuring access to information as necessary through business processes, meeting the requirements of legal legislation, demonstrating the accessibility of information when necessary
To raise awareness by providing Information Security Management trainings to all personnel
To ensure the continuous improvement of the Information Security Management System
To take care of the security of not only the data held in electronic media, but also all data in written, printed, oral and similar media
To report all the vulnerabilities in Information Security that actually exist or raise doubts to the ISMS Team and to ensure that they are investigated by the ISMS Coordinator
To identify the existing risks by making periodic evaluations on Information Security. As a result of the evaluations, to review the action plans and to follow up
Preparing, maintaining and testing business continuity plans
To prevent all kinds of disputes and conflicts of interest that may arise from contracts
To meet the business requirements for information accessibility and information systems