INFORMATION SECURITY MANAGEMENT SYSTEM POLICY

Our company, as its management, performs the establishment of information technology infrastructure based on local and wide area networks in all kinds of enterprises and institutions, depending on the mission, vision and policies that have been expressed in the Quality Management System, and provides operation and consultancy services with its operation and support, It meets the information processing needs of businesses and institutions that require high technical knowledge and experience with the method of outsourcing.

Information security is the activities of the institution to protect the confidentiality, integrity and usability of the information produced, prepared and responsible to its parties. These activities should ensure that the information is protected to encompass other characteristics such as accuracy, explainability, non-denial and reliability.

Services that our company is obliged to fulfill its information security activities:

  • Continuity of data processing services will be provided under an institutional roof, independent of individuals, within the scope and limits of the ISMS.
  • Structuring of network installations that require high knowledge and experience will be provided within the scope and boundaries of the ISMS.
  • Operation and technical support services required for the continuous operation of existing networks in institutions / organizations will be provided within the scope and boundaries of the ISMS.
  • Providing operator services and ensuring data security in routine works based on information technology infrastructure / hardware / software system will be included within the scope and boundaries of ISMS.
  • Meeting the expectations of the institutions / organizations we serve under the contract at a high level, increasing their information processing capabilities, helping them reach their activity / process / performance targets by informing them about technological developments will be continued within the scope and boundaries of the ISMS.
  • Accepting that all kinds of confidential / commercial / private information processed in all information technology systems we serve within the scope and boundaries of the ISMS is the privacy of the customer of the institution / organization we serve, this information is in any place / person / institution / organization without the knowledge / approval of the customer. Unattainability will be ensured by adhering to the Integrity / Availability conditions.
  • The ISMS policy will comply with the legal and regulatory requirements, and will take into account the obligations or dependencies arising from contracts or third parties, provided that it remains within the scope and boundaries of the ISMS.

Our company establishes the necessary control mechanisms for the performance of information security activities. A draft study has been initiated in order to determine control targets, to conduct controls and to ensure their continuity. In this study, the risk management and risk control structure, on which the controls will depend, has been established.

Our company, which works especially for organizations that request services based on outsourcing, has to guarantee that the most important capital and existence of the institutions / organizations that receive service from it, without seeking good or bad faith, by third parties. It is a basic necessity to carry out activities that are stipulated by the specifications and included in the provisions of the contract, and that the highest executive structure in the fields of activity of the institution / organization is required to comply with the laws and the relevant legislation rules.

In order to fulfill these requirements, arrangements will be made on the basis of hardware and software, and awareness - awareness - application - development training and exercises will be carried out for all our personnel.

Another dimension of information security is providing business continuity management. For this reason, by providing the necessary backup structures, breakage and rupture situations in the areas under the responsibility of our company in any business continuity structure will be eliminated.
 

In the ISMS documentation established to support our information security policy;

  • Rules to be followed
  • Processes
  • Procedures
  • Controls

It is located.