Protecting the confidentiality of our stakeholders' information to ensure the privacy of personal information.
Fulfilling information security obligations arising from legal and other conditions related to our activities.
Protecting the accessibility, integrity, and confidentiality of all kinds of information produced, stored, and transmitted.
Ensuring that information stored in information assets is stored securely, transported safely, backed up against corruption, and disposed of securely when no longer needed.
Implementing information security controls in recruitment, job change, and termination processes.
Making confidentiality agreements with employees, suppliers, and interns.
Ensuring the protection of information belonging to our employees and stakeholders by organizing training sessions to increase information security awareness and enable contributions to the system's functioning.
Ensuring the minimum authorization principle required for user authorization and regularly checking the authorizations.
Ensuring network security against threats from external networks.
Carrying out business continuity activities to prevent interruptions in business activities and ensure continuous access to information.
Conducting necessary security controls in all relevant areas to control access to information and prevent unauthorized access.
Creating an inventory of information assets, determining ownership, and conducting risk assessments for information assets.
Providing secure access to information needed by business processes at any time, regardless of time and place.
Establishing the necessary organizational structure, resources, and infrastructure to detect, report, and take action against information security violation incidents as soon as possible, and applying necessary sanctions in case of information security violations.
Taking the necessary physical, environmental, and electronic security measures to ensure the security of environments where information is processed.
Determining targets within the scope of the Information Security Management System and taking the necessary actions to achieve these targets.
