To carry out the implementation, operation and improvement of the Information Security Management System with the contribution of the relevant parties.
To ensure that the identified infrastructure needs are met, maintained and implemented to ensure information security.
To keep the risk value at a minimum level by identifying, evaluating and processing the necessary risks against the threats that may be exposed inside and outside the company for the information assets of the company.
Include clauses in contracts with third counterparties that aim to protect physical and electronic information assets that affect the entire operation of the company.
To increase the level of awareness by providing training to all employees on how to act in accordance with the company's security requirements.
To protect the confidentiality, integrity and accessibility of information belonging to customers, business partners, suppliers or other third parties.
To meet the information security requirements arising from the national, international or sectoral regulations to which it is subject, performing the legal and relevant legislation requirements, meeting the obligations arising from the agreements, and corporate responsibilities towards internal and external stakeholders.
Designing processes for compliance with laws, internal policies and procedures, technical safety standards.
To ensure the confidentiality, integrity and accessibility of company information in personal and electronic communication.
They do not use the company's IT resources for activities contrary to the laws and related regulations.
To ensure that basic and supporting business activities continue with minimum interruption.
To implement the necessary sanctions in case of violation of information security.