Eaglessoft Information Security Management System (ISMS) Policy – ISO/IEC 27001:2022 Compliant

In alignment with TS EN ISO/IEC 27001:2022, Eaglessoft’s Information Security Management System (ISMS) is designed to protect all information assets related to the design, production, organization, and verification of military and civilian electronic devices, systems, and subsystems.
Our primary goal is to ensure that information security is fully integrated into all operational processes and supported by continuous improvement.

ISMS Policy

At Eaglessoft , we are committed to:

● Protecting All Information Assets

Safeguarding information against any internal or external threat—intentional or unintentional—is a top priority. We ensure business process continuity by maintaining the required level of information accessibility and by fully complying with all legal and regulatory obligations.

● Maintaining the Core Principles of ISO 27001

We ensure the continuous protection of the three fundamental pillars of information security:

• Confidentiality: Preventing unauthorized access to sensitive and critical data.
• Integrity: Ensuring the accuracy, consistency, and completeness of information.
• Availability: Guaranteeing that authorized users can access information whenever needed.

● Securing All Forms of Information

Our information security approach covers data stored not only electronically but also in printed, written, verbal, or any other physical format.

● Increasing Information Security Awareness

We provide regular Information Security Management training to all employees to ensure a high level of awareness and adherence to security standards.

● Reporting and Managing Security Incidents

All personnel are required to report any actual or suspected security vulnerabilities. The ISMS Team evaluates and investigates all incidents to ensure timely resolution and risk reduction.

● Ensuring Business Continuity

We develop, maintain, and periodically test business continuity plans to ensure resilience against potential disruptions.

● Conducting Regular Risk Assessments

We perform regular Information Security risk assessments, monitor existing risks, review action plans, and implement improvements based on assessment outcomes.

● Preventing Conflicts of Interest

We take necessary measures to avoid disputes or conflicts of interest that may arise from contracts or business relationships.

● Meeting Business and System Requirements

We ensure full compliance with business needs, accessibility requirements, and information system standards to support operational efficiency and security.