Information Security Policy

Synchron prioritizes information security in line with its vision, mission, values, and strategic goals.

Management Commitments
Synchron management aims to:

• Preserve the institution’s reliability and image,
• Ensure contracts meet information security requirements, and
• Maintain core and supporting activities with minimal interruptions.

Synchron commits to safeguarding and protecting the confidentiality, integrity, and availability of the institution’s information assets.

Information Security Framework

• Risks are identified, assessed, and managed within the institution’s risk management framework.
• Users of the institution’s IT infrastructure must:
  • Protect the confidentiality of information in personal or electronic communication and third-party data exchanges,
  • Back up critical information according to its level of importance,
  • Take security measures proportional to risk levels,
  • Report observed information security breaches to the relevant unit, and
  • Avoid behaviors that could result in information security violations.

Employees, suppliers, visitors, and external parties must comply with this policy, along with related procedures and instructions.

Commitment to Improvement
Synchron management is responsible for supporting and maintaining the information security infrastructure. The institution ensures awareness by providing “Information Security Awareness Training” as e-learning or classroom sessions to all employees. Synchron is committed to continuously improving information security, meeting legal and regulatory expectations, and fulfilling the applicable requirements of stakeholders.

Non-Compliance and Measures
Violations of information security policies, procedures, or instructions may result in warnings, reprimands, or termination of contracts as per the institution’s personnel regulations.

Senior Management Support
Senior management pledges full support for:

• Protecting information assets,
• Creating awareness of information security,
• Building a unified corporate culture,
• Identifying risks and resolving vulnerabilities, and
• Enforcing necessary actions and penalties in case of security breaches.

Auditing and Compliance
The institution ensures compliance with information security requirements through internal and external audits. Results are reported to management, and appropriate actions are taken based on the findings.