Policies and Certificates

As Yaşar Bilgi İşlem ve Ticaret A.Ş., our objective is to:

• Ensure that the policies and standards of our information security management system are defined, documented, resourced, and continuously improved in a manner that meets the requirements of the ISO 27001 standard.

• To ensure compliance with all legal regulations and contracts related to information security,

• To Protect personal data in accordance with the Turkish Personal Data Protection Law (KVKK), and safeguard the confidentiality, integrity, and availability of information,  

• To ensure the identification and systematic management of risks related to business processes,

• To Conduct training, drills, and awareness activities to enhance the technical and behavioral competencies of our employees and to increase information security awareness, 

• To ensure the continuity of the organization's core and supporting business activities with minimal disruption, 

• To maintain and improve the organization's reliability by protecting the confidentiality, integrity, and availability of assets,

• To Detect, report, and effectively manage security incidents through threat intelligence, monitoring activities, and incident management processes, 

• To manage security breaches encountered by our organization and ensure the application of criminal sanctions when necessary, by managing our activities in an integrated and efficient manner alongside the other management systems we implement, and to work with all our strength to become an exemplary organization in the technology sector through our leadership in information security.

In line with this objective, top management is committed to providing the necessary resources for the effective implementation and maintenance of the Information Security Management System and to supporting its continual improvement.