INFORMATION SECURITY

The main scope of the TS EN ISO 27001:2022 Information Security Management System (ISMS) has been defined to cover the information assets of GAMA Enerji A.Åž. and Kremna Enerji Ãœretim ve Ticaret A.Åž. related to energy generation, as well as the supporting industrial and office IT infrastructure; information assets associated with investment, procurement/mergers, business development, construction, and asset management processes; and the information security of personnel and IT infrastructure.

Accordingly, the purpose of the ISMS Policy is as follows:

  • To protect the information assets of GAMA Enerji A.Åž. and Kremna Enerji Ãœretim ve Ticaret A.Åž. against all types of threats that may arise intentionally or unintentionally, from internal or external sources; to ensure the appropriate availability of information; to comply with applicable legal and regulatory requirements; and to carry out continuous improvement activities,
  • To ensure the continuity of the three fundamental principles of the ISMS in all activities carried out:
    • Confidentiality: Preventing unauthorized access to critical information
    • Integrity: Demonstrating that the accuracy and integrity of information are maintained
    • Availability: Ensuring that authorized users can access information when required
  • To ensure the security of all data, including electronically stored data, as well as written, printed, verbal, and similar forms of information,
  • To raise awareness by providing Information Security Management training to all personnel,
  • To report all existing or suspected vulnerabilities within the scope of Information Security Management to the ISMS team and to ensure that they are investigated,
  • Within the framework of the existing strategic business plan and risk management approach, to identify, assess, control, and monitor the risks related to the establishment and continuity of the ISMS,
  • To prepare, maintain, test, and review business continuity plans at least once a year,
  • To prevent any disputes and conflicts of interest that may arise from contractual obligations.

GAMA Enerji A.Åž. and Kremna Enerji Ãœretim ve Ticaret A.Åž. commit to ensuring the sustainability of the ISMS (ISO 27001:2022). All employees and relevant third parties defined within the scope of the ISMS are expected to comply with this policy and with the ISMS implemented in accordance with this policy.