Information Security Policy

HomepageInformation Security Policy

ETİ INFORMATION SECURITY POLICY

No matter where you are, Eti, which offers you a singular pleasure and happiness is a brand that is renowned for being cutting edge and inventive in the world of products and applications. To sustain and strengthen its brand recognition, every individual, every business unit at Eti works diligently every day to generate new ideas and perspectives that will create a competitive advantage.

All the knowledge we have accumulated is our company's most valuable asset and the result of our collective efforts. It is imperative that we protect this invaluable treasure and eliminate any risks that could harm it. On the other hand, Eti is an organization that respects the rights of the individuals and institutions it works with and is committed to fulfilling all of its obligations on time and in full. In this regard, it is evident that safeguarding critical information while respecting the rights of natural and legal persons is paramount.

To ensure the security of corporate assets within Eti, we commit to establishing, executing, adapting, maintaining, and continuously improving an Information Security Management System in accordance with the international ISO 27001 standard, the principles of the Eti Code of Conduct and Rules, and the following goals.

• To safeguard the confidentiality, integrity, and availability of ETI's information and information systems,

• To conduct ongoing assessments and management of information security risks,

• To determine the roles regarding the responsibilities and authorizations required for the execution of the Information Security Management System,

• Ensure that information is only accessible to authorized persons and that there is separation of duties,

• To comply with international standards and legal regulations pertaining to information security,

• To maintain a consistent approach to monitoring and measuring information security performance,

• To align with emerging threats and technological advancements by continually enhancing information security controls,

• To carry out trainings to improve technical and behavioral competencies in order to increase information security awareness,

• To prepare, update, and disseminate sub-procedures aligned with this policy to all stakeholders.

ISMS processes and procedures include systems necessary to manage information security breaches, exceptionsand prevent repetition of breaches. The Information Security Management Committee, tasked with establishing the principles outlined in this Information Security Policy Statement and ensuring its ongoing implementation, will continue to meet regularly.

All employees serving at ETI, persons and organizations performing business within the framework of contracts shall be held liable to fulfill their responsibilities to protect the confidentiality, integrity and accessibility of all kinds of information in electronic, paper and other forms, when deemed necessary, they should be aware that they may be held accountable for any violations.

Chairman

Firuzhan KANATLI