In order to maintain the reliability and corporate image of our company, and to ensure the continuity of core and supportive business processes with minimal interruption, all physical and digital assets used in the information technology infrastructure utilized by LODDOS are aimed to be safeguarded, along with all other information assets.

In line with the mission and vision of LODDOS, within the framework of the Information Security Management System (ISMS) standard, the following commitments are made to ensure the confidentiality, integrity, and availability of information:

All individuals utilizing the information processing infrastructure and accessing information assets are dedicated to upholding the confidentiality, integrity, and availability of company- owned information in both personal and electronic communications, as well as in exchanges with third parties. This commitment involves backing up processed information based on criticality levels, implementing security measures according to risk levels, reporting incidents of information security breaches, notifying relevant departments, and implementing preventative measures against such breaches.

Not using information resources for activities contrary to laws and related regulations, Explicitly committing to meeting applicable information security requirements and ensuring necessary leadership and commitment to take all necessary measures for continuous improvement of the Information Security Management System, Planning, implementing, controlling, and ensuring continuous improvement of the ISMS by determining information security objectives and activities, Identifying how the activities meet legal, contractual, standard, and business requirements, Identifying and appointing duties, roles, and responsibilities along with necessary resources within the scope of ISMS, Identifying, assessing, and implementing appropriate risk treatment options that may affect the capability to achieve the intended outputs of the information security management system, Taking necessary measures to ensure compliance with identified information security issues by all stakeholders, Committing to the dissemination, accessibility, awareness, and implementation of this policy.