Within the scope of the ISO 27001 Information Security Management System standard, our Company's Executives aim to fulfill the following tasks so as to ensure that the work is carried out and maintained smoothly. The company commits;
- To realize the objectives and policies determined within the scope of ISO 27001, to establish and manage the Information Security Management System (ISMS) within the scope of national law in line with the requirements specified in ISO/IEC 27001,
- To protect the Company's brand reputation, reliability and image,
- To provide secure access to the information assets of itself and its stakeholders and to take action against potential vulnerabilities identified and to carry out corrective actions,
- To ensure the confidentiality, integrity and accessibility of personal and corporate information for which it is responsible for its security,
- To organize information security awareness trainings throughout the company and to continue infrastructure investments,
- To make the appointments of the ISMS Team members and to make new appointments regarding the change of duty in case of any change in the members of the ISMS Team,
- To assign responsibility, set an example and assist Company employees in information security,
- To ensure that the information security approach determined and implemented by the Executives is adopted by all employees of the Company and to provide verbal and written support to employees involved in information security activities where requested,
- To comply with the requirements of the Information Security Management System defined, established and implemented by the Company and allocate the budget and resources necessary for the efficient operation of the system, monitor its effectiveness, implement continuous improvement processes and ensure that it is understood by all employees,
- To create control points, maintain and improve the level of information security through the infrastructure established within the company,
- To carry out control and audit activities against internal and external factors that may pose a threat to information security activities and violations that may occur, and to impose sanctions if necessary,
- To reduce information security threats that may affect service continuity and to ensure business continuity and sustainability,
- To comply with information security requirements, compliance with all relevant legal regulations and confidentiality rules committed in the contracts and comply with the SLAs defined to maintain the services in this respect.
For Turkish version, please click here
