Information Security Policy


To ensure the continuous development of our information security management system, we aim to identify information assets and to ensure that these assets are;

BUSINESS IMPACT: by addressing issues such as the cost of replacing the asset, the confidentiality of information, its impact on the image, and the damage it will cause in terms of legal and legal obligations,

POSSIBILITY OF THREAT: addressing the diversity of weaknesses and how well existing controls cover these weaknesses, attacker motivation, the attractiveness of information to adversaries, vulnerabilities in access controls, and threats to the integrity of information,

  • To identify and evaluate risks regarding the confidentiality, integrity and accessibility of information,
  • Implementing the necessary controls for all assets above the acceptable risk level,
  • Measuring the performance of information security processes,
  • Creating targets from this data,
  • Minimizing our weaknesses and threats through infrastructure, working environment, hardware, software and training investments,
  • To meet the security requirements required by our business, our customers and legal requirements,

Our policy; It is openly published on our website, announced in detail in the common site, reviewed in management review meetings, and revised as necessary in line with the determined goals.

Berkay Aktan