Information Security Policy

In our institution, access controls in accordance with the principle of knowing as much as necessary within the framework of legal compliance are applied and security measures are taken in accordance with the developing technology. Considering information security threats, information security risk management is carried out, which provides an appropriate balance between risks and measures in terms of corporate business processes. Our information security objectives within the framework of our foundation purposes; 

  • Ensuring information security and business standardization in the management of information systems,
  • To maximize the confidentiality, integrity and accessibility of the data processed in the institution,
  • Ensuring compliance with legal regulations, ISO / IEC 27001 Standard and contracts made with third parties and improving them continuously,
  • Increasing information security awareness of staff, stakeholders and third parties.
  • To protect corporate critical business activities from the effects of major disasters and operational errors and to ensure that they continue with minimum interruption,
  • To identify information security risks that may adversely affect our institution, to manage them effectively, to reduce them to acceptable levels, to work with a continuous improvement approach to protect information,
  • To protect corporate information from possible threats and dangers and to ensure that it is affected at the lowest level.


It is committed by our institution that the above-specified information security objectives will be realized, the relevant conditions determined.