Information Security Policy

Supernova regards corporate information as an extremely valuable asset.

Information; is critical to the sustainability of our business operations and must be appropriately protected.

Supernova aims to minimize the risks that may arise regarding the Confidentiality, Integrity, Usability of corporate information and the effects of these risks by applying the Information Security Management System (ISMS) ISO 27001 standard.

This policy has been approved by our General Manager.

Supernova has adopted the fulfillment of the following:

Ensuring the confidentiality, integrity and availability of information and information systems,
Identifying risks to information assets and systematically managing risks,
To fulfill the requirements of Information Security Standards,
To comply with all legal regulations regarding Information Security,
Evaluating continuous improvement opportunities and carrying out studies in order to keep the Information Security Management System alive,
To provide trainings to improve technical and behavioral competencies in order to increase information security awareness,
Preparation and publication of other sub-procedures related to this policy by the Director of Information and Communication Technologies.

Information Security Policies are valid and mandatory for all personnel using Supernova information or business systems, whether full-time or part-time, permanent or contracted, regardless of geographic location or business unit. All persons who do not fall into these classifications, such as third-party service providers and their affiliated support personnel, who need access to their information, must adhere to the general principles of this policy and other security responsibilities and obligations that they must comply with.

The purpose of Information Security and this policy is to protect, maintain and manage the confidentiality, integrity and availability of information and all support business systems, processes and applications. This means; Keeping Supernova's information in authorized hands; ensuring that information is complete, accurate and usable; ensuring that information and systems are ready for use when needed. For this reason, all Supernova and outsourced personnel and interns, dealer users personnel, regardless of their position or duties, are responsible for doing their jobs in a way that protects the information within the company. Supernova employees must also comply with the Protection of confidential information and Business Conduct Ethical Principles specified in the Personnel Regulation Rules.

supernova; It undertakes to take the measures specified in the Personal Data Protection Law and to work in full compliance with the personal data protection policy of its customers.

Functional ownership of this policy and all standards and other supporting documentation and training activities will be held by the operating unit, and this management will also be the source of advice and guidance regarding the implementation of the policy throughout Supernova.

Operation unit; It will ensure that they receive appropriate training that will create the appropriate level of awareness about Information Security issues and will guide the handling of information security incidents in general. It will ensure that this policy is supported by detailed standards, procedures and processes where necessary, and that they are available as needed. He will also be responsible for ensuring that these policy requirements are communicated to all employees (permanent or periodic) and to all contractor personnel.

Responsible for establishing and maintaining the overall governance framework for Information Security, and for continuing review of this policy to ensure that it is up-to-date and continues to reflect the business requirements of Supernova and its subsidiaries, or changes in the risk environment or threats facing their information and information systems. .

Information Security policies are reviewed at least once a year in parallel with the asset and risk updates made in order to reflect the current risks faced by Supernova information assets. In order to keep new risks and changes in risks under control, Information Security Policies are updated by making new necessary additions. In addition, any Supernova employee can request the operations unit to improve the Information Security Policies and to change the policies in order to better reflect the controls needed. As a result of the requests made, actions are taken and improvements are made.

Information Security Policy principles should be applied in parallel with Supernova Human Resources' Personnel Regulation Rules. Employees are also responsible for being aware of the Information Security Policy and complying with these principles.

Each unit manager is primarily responsible for taking the necessary measures to ensure compliance with the Information Security Policy and monitoring the system.

The Information Security Management is responsible for periodically auditing and reporting to the relevant parties the compliance with all published policies and procedures, especially the Information Security Main Policy.

Violations of the Information Security Policy may cause Supernova to suffer damage as a result of not implementing the necessary controls against risks, as well as criminal liability and compensation for material damages according to the new Turkish Penal Code. Therefore, the said violation is also a violation of the Supernova Personnel Regulation and may result in disciplinary action.

Violations of the Information Security Policy determined as a result of both surveillance, audit and notification may result in internal disciplinary penalties, which can go up to termination of employment and even initiation of Judicial and Criminal legal proceedings.

Working together to implement this policy will help to continually protect our knowledge and reputation and ensure the continued success of our business.

Supernova Information Security, in order to protect the reputation, reliability, information assets of Supernova, and to continue its basic and supporting business activities with the least possible interruption,

To fully ensure the continuity of information systems,
To maximize the level of employees' awareness, awareness and compliance with safety requirements,
To ensure full compliance with the contracts made with third parties,
Minimizing information security breach incidents and turning them into learning opportunities,
Production, access and storage of information in full compliance with the law,
It aims to implement the most up-to-date and effective technical security controls.

Each Supernova employee is responsible for contributing to these goals.

Information Security Policy

Purpose, Scope of Information Security and Adoption of the Subject by Management

Responsibilities of All Employees

Providing Guidance on Policy Ownership and Information Security

Supervision and Policy Compliance and Resolution of Non-Compliance

Goals

Sign up for our newsletter

Company

Supernova

Resources

Contact