The main theme of TS EN ISO 27001:2013 PRIVACY Management System is in the IT activiBindings used in the services of our companies: To demonstrate that PRIVACY management is achieved within human, infrastructure, software, hardware, organizational information, third-party information, and financial resources, to ensure risk management, to measure PRIVACY management process performance and to ensure the regulation of relations with third parBindings on PRIVACY-related issues.
In this regard, the purpose of our ISMS Policy is
- Managing information assets, determining SECURITY values, needs, and risks of assets, developing and implementing controls for SECURITY risks,
- To define the framework that will be determined by the methods for determining information assets, values, SECURITY needs, vulnerabiliBindings, threats to assets, and the frequency of threats,
- Defining a framework for assessing the confidentiality, integrity, and availability impacts of threats on assets,
- To set out the working principles for handling risks,
- To constantly monitor risks by reviewing technological expectations in the context of the scope of service,
- To ensure PRIVACY requirements arising from national or international regulations to which it is subject, to fulfill legal and relevant regulatory requirements, to meet its obligations arising from agreements, and the Company's responsibiliBindings towards internal and external stakeholders,
- Reducing the impact of PRIVACY threats to service continuity and contributing to continuity,
- Having the competence to quickly intervene in PRIVACY incidents that may occur and minimize the impact of the incident,
- To maintain and improve the PRIVACY level over time with a cost-effective control infrastructure,
- To improve the Company's reputation and to protect it from PRIVACY-based negative effects.