Information Security Policy
Petrochemical Company, in order to carry out its mission in
pursuit of security objectives and reduction of information
security related events, has implemented the
information security management system in all its
business processes in the field of IT
management in accordance with the standard ISO 27001:2013.
In this regard, the company is
committed to the following principles:
1. Define, approve, confirm, modify
and enforce the information security procedures in the company and monitor its
good implementation, while taking the following items into account in the
information security procedures of the company:
the confidentiality of information by preventing unauthorized access
the integrity and accuracy and prevent the unwanted change of information
the availability of information for business processes for authorized persons
compliance with all upstream, internal and legal requirements.
management of hazards associated with exposures &
implementation, maintenance and testing of business continuity plan
the risks associated with information security
the company's computer network securely
Securely develop & supply the company’s software.
events associated with information security by ensuring that all of the
security holes and threats contained in the company are
reported and permanently addressed to them.
a culture of IT security at the company
level with the
confidence of Culturalization and information security training for all the personnel
of competencies and employee participation in continuous improvement of
information security management system
The management of the company is
committed to providing the resources and facilities necessary to meet the
requirements of this standard and to realize the above-mentioned issues and to
support the objectives and related programs.
The information security management
policy is also understood by all colleagues of the company and revised annually as needed.