• 444 4 937
  • EN (English)

Our Information Security Policy

Enterprise Bilgi Güvenliği Politikası

Enterprise Information Security aims to protect the institution's reputation, reliability, and information assets, and to ensure the continuation of core and supporting business activities with the least possible disruption.

 

  • Protecting the information assets that the institution processes, maintains, and shares with other organizations according to the principles of confidentiality, integrity, and accessibility.
  • Developing a management system established to manage information assets, identify the security values, needs, and risks of assets, and implement controls against security risks, and ensuring continuous improvement.
  • Assessing risks arising from activities in accordance with the institution's vision and mission, and identifying continuous improvement needs and opportunities.
  • Keeping pace with and monitoring technological developments and changes within the scope of service provided.
  • Ensuring business continuity by mitigating the impact of information security risks.
  • Ensuring compliance with national and international regulations, legal and relevant legislative requirements, obligations arising from agreements, and corporate responsibilities towards internal and external stakeholders.
  • Possessing the competence to rapidly respond to potential information security incidents and minimize their impact.
  • Maintaining and improving the level of information security over time with a cost-effective control infrastructure.
  • Improving the institution's reputation and preventing negative information security-based incidents. Protecting personal information from these influences,
  • Protecting personal information within the scope of the Personal Data Protection Law,
  • Providing training to improve employee information security awareness and competencies, and becoming an exemplary organization in the sector by providing the necessary support and integrating with other management systems.

 

Each Enterprise member is responsible for acting in line with these stated objectives and contributing to the system.