Kurumsal Yazilim Information Security Policy

Kurumsal Yazılım has adopted the following objectives as its policy to protect the organization’s reputation and reliability, safeguard its information assets, and ensure the continuity of its core and supporting business activities with minimal disruption:

• To protect the confidentiality, integrity, and availability of the information assets processed, stored, and shared with other entities,
• To manage information assets by identifying their security value, requirements, and risks, and to develop a management system for applying security controls and ensuring continuous improvement,
• To evaluate risks arising from operations in line with the organization’s vision and mission, and to identify continuous improvement needs and opportunities,
• To keep up with technological developments and changes relevant to the scope of services provided,
• To ensure business continuity by minimizing the impact of information security risks,
• To comply with applicable national and international regulations, legal and regulatory requirements, contractual obligations, and corporate responsibilities towards internal and external stakeholders,
• To possess the competence to promptly respond to potential information security incidents and minimize their impact,
• To maintain and enhance the level of information security over time through a cost-effective control infrastructure,
• To protect and enhance corporate reputation by preventing adverse effects based on information security,
• To preserve personal data in accordance with the Personal Data Protection Law,
• To deliver training that enhances employees’ awareness and competencies in information security, and to set an example in the industry by integrating with other management systems and providing the necessary support.

Each company member under the Kurumsal Yazılım umbrella is responsible for acting in accordance with these objectives and contributing to the system.