Skip to main content
Fil Filter — Original Equipment

Legal / Information Security

Information
security policy.

Built around the ISO/IEC 27001 Information Security Management System — the framework that governs how Fil Filter protects information across people, processes and technology.

Certification Framework

TS EN ISO/IEC
27001:2013

Our Information Security Management System (Bilgi Güvenliği Yönetim Sistemi) is certified to TS EN ISO/IEC 27001:2013 — the international standard for the systematic management of information-security risk. The standard governs how we identify assets, assess threats, apply controls and continuously review the effectiveness of those controls.

Three Foundational Pillars

Confidentiality, integrity,
availability — every day.

Gizlilik

Confidentiality

Prevention of unauthorised access to sensitive information — across personnel, systems, customer data and third-party records.

Bütünlük

Integrity

Demonstrable accuracy and completeness of information — across the full data lifecycle from capture to disposal.

Erişilebilirlik

Availability

Authorised parties have access to the information they need, when they need it — supported by tested business-continuity plans.

Last updated: 05 May 2026

1. Scope

This policy covers every form in which information exists at Fil Filter — electronic, written, printed, oral and any equivalent medium — and applies to all personnel, infrastructure, software, hardware, customer and organisational data, third-party information and financial resources.

2. Objectives

Information security management is maintained across our production, products and services. The policy establishes risk-management assurance, measures the performance of the management system and regulates the security expectations placed on our third-party relationships.

3. Core Commitments

  • Protect organisational information assets from internal and external threats, whether intentional or unintentional.
  • Ensure information accessibility aligns with business-process requirements.
  • Meet all applicable legal and regulatory requirements.
  • Maintain the continuity of confidentiality, integrity and availability across every activity.

4. Operational Practices

  • Provide information-security training to all personnel to maintain awareness.
  • Report suspected or actual security gaps to the ISMS team and investigate them through the ISMS coordinator.
  • Prepare, maintain and test business-continuity plans on a defined cycle.
  • Conduct periodic security assessments to identify existing and emerging risks.
  • Review and monitor remediation action plans against assessment findings.
  • Prevent contractual disputes and conflicts of interest in information-handling processes.

5. Cybersecurity Measures

  • Critical machines and production systems are isolated from external networks.
  • Users are trained on prevailing cyber threats and the protective measures expected of them.
  • Software, hardware and information services are procured exclusively from trusted vendors.

6. Governance & Review

This policy is reviewed periodically by senior management and the ISMS coordinator to ensure it remains aligned with our operations, our certification obligations and the prevailing threat landscape. The current version date is shown below.