The Information Security Management System (ISMS) is operated by NAZALI Human Resources and Information Technologies Inc. across all NAZALI companies to ensure the proper management of operations related to the services provided by these companies. All NAZALI companies are obliged to implement and comply with the ISMS.
NAZALI supports the management of activities related to the establishment and implementation of policies concerning the protection of information and information assets, the adoption of security measures, and the investments, controls, and practices necessary to ensure the confidentiality, availability, and integrity of information.
To ensure that the ISMS operates within a clearly defined framework, all processes are secured through documented procedures and instructions. Compliance with these procedures and instructions is mandatory for all NAZALI employees.
Within the scope of the ISMS, the annual review and updating of documents and content, the performance of internal audits, the execution of security scans for networks and external connections, the provision of information security training for employees, the maintenance of business continuity, and the monitoring of other relevant processes and scenarios are regularly carried out by designated personnel under the responsibility of NAZALI’s senior management.
In the event of any data breach, NAZALI undertakes to notify the relevant authorities and organizations as soon as possible.
The Information Security Policy established for this purpose shall ensure the following fundamental requirements: