Information Security Policy

With the awareness that the information produced must be protected at the highest level of security, we aim to ensure business continuity, protect the institution’s reliability and image, reduce the impact of potential threats by preventing information security incidents or minimizing damage risk, and manage printed and electronic information in accordance with legal regulations and risk-based methods based on the following principles:

Confidentiality: Preventing unauthorized access to important information.

 Integrity: Ensuring and demonstrating the accuracy and completeness of information.

Availability: Ensuring information is accessible to authorized users whenever needed.

• Fulfilling the requirements of information security standards,
• Identifying risks to information assets and systematically managing and securing risk management,
• Continuously reviewing and improving the Information Security Management System,
• Organizing trainings to increase information security awareness and to enhance technical and behavioral competencies, as well as developing core policies,
• Clearly defining roles and responsibilities to establish an effective information security awareness process,
• Measuring the performance of information security processes,
• Ensuring compliance with legal requirements,
• Ensuring compliance with contractual obligations,
• Protecting information assets,
• Protecting against unauthorized access that may compromise information integrity,
• Ensuring the confidentiality and security of information and data.

We declare and undertake.