ONE HUMAN SOFTWARE AND INFORMATION CONSULTING INDUSTRY TRADE INC., in its activities of “Ensuring Information Security in the Development, Consulting, Sales and Support Services of Artificial Intelligence-Supported Human Resources Business Application Software,” always prioritizes customer satisfaction, paying utmost attention to information security, personal data protection, and quality. It aims to understand legislation, standards, customer expectations and needs, and to produce projects that anticipate potential needs and expectations.

In this regard,

OUR POLICY:

• To manage information assets, to determine the security values, needs, and risks of assets, and to develop and implement controls for security risks.
• To define the framework for determining information assets, their values, security needs, vulnerabilities, threats to assets, and the frequency of threats.
• To define a framework for evaluating the confidentiality, integrity, and availability impacts of threats on our processes and assets, as well as the privacy impacts of personal data.
• To establish working principles for risk management.
• Continuously monitoring risks by reviewing technological expectations within the scope of the services provided.
• Ensuring information security requirements arising from national or international regulations, legal and relevant legislation, obligations arising from agreements, and company responsibilities towards internal and external stakeholders.
• Mitigating the impact of information security threats on service continuity and contributing to continuity.
• Having the competence to quickly respond to potential information security incidents and minimize their impact.
• Maintaining and improving the information security level over time with a cost-effective control infrastructure.
• Providing awareness, information, and educational training to all personnel on Information Security Management System Policy, Processes, etc. Repeating this training at specific intervals.
• Continuously improving the system by considering the results of implementation, audit, and corrective actions within the scope of the Information Security Management System.
• Working to understand and meet the requirements of the Personal Data Protection Law (KVKK); also, understanding and meeting the requirements of the General Data Protection Regulation (GDPR) when working with international stakeholders and business partners subject to European Union data protection laws.
• To enhance company reputation and protect against negative impacts based on information security.

ONE HUMAN SOFTWARE AND INFORMATION CONSULTING INDUSTRY TRADE INC., we are committed to the implementation, review, and continuous improvement of Information Security Management System applications.

General Manager
03.01.2025