Freebird Airlines attache primary importance to information security in line with its objectives, values and strategic objectives.
Freebird Airlines (Corporate) management aims;
- To protect the reliability and image of the institution,
- To ensure that the contracts fulfill information security requirements, and
- To ensure that the basic and supporting activities of the organization continue with minimal interruption.
In this context, Freebird Airlines undertakes to take measures to ensure and protect the confidentiality, integrity and availability of the information assets of the institution.
The Information Security Policy is managed according to the circulars published by DGCA, USOM and CDDO.
Identifying, evaluating and processing information security risks are handled within the scope of the institution’s risk management processes.
Anyone who uses the organisation’s information technology infrastructure and accesses information resources:
- Ensures the confidentiality of the information of the institution in personal and electronic communications and information exchanges with third parties, backs up the information it processes according to its criticality levels,
- Takes security measures determined according to risk levels,
- Have knowledge about information security violations, do not engage in violative behaviors and reports any observed information security violation incidents to the Information Security Department.
- Does not share internal information resources with unauthorised persons and does not use them for activities contrary to the laws and regulations of the Republic of Turkey.
External parties such as employees of the organisation, third parties, suppliers, customers, and visitors are obliged to comply with this policy and other policies, procedures and instructions that ensure the implementation of this policy.
Freebird Airlines management is responsible for supporting and maintaining the operation of the information security infrastructure.
The Authority is committed to providing "Information Security Awareness Training" to all employees as e-training or classroom training in order to ensure awareness, to continuously improve information security, and meet the applicable expectations of the relevant parties with legal regulations and requirements.
In case of non-compliance with information security policies, procedures and instructions, sanctions such as warning, reprimand, and contract termination are applied in accordance with the personnel regulations of the institution.
Senior management of the institution is ready to provide all kinds of support in protecting information assets, creating information security awareness, creating common corporate culture, identifying risks and taking necessary actions to close weaknesses, and executing the necessary sanctions in case of security violations within the framework of the rules specified in the Information Security Policy.
The organization ensures compliance with Information Security requirements through internal and external audits, submission of audit results to the management and implementation of actions related to these results.