INFORMATION SECURITY MANAGEMENT SYSTEM POLICY

The main theme of the TS EN ISO 27001: 2013 Information Security Management System; National KEEP NK Bilişim Cyber Security Services; To demonstrate that information security management is provided within human, infrastructure, software, hardware, user information, organization information, information belonging to third parties and financial resources, to ensure risk management, to measure information security management process performance and to determine the relations with third parties on information security issues. to regulate.
In this direction, the purpose of our ISMS Policy is;

  • To protect the information assets of National KEEP -  NK Informatics Cyber Security Services against all kinds of threats that may arise from inside or outside, knowingly or unintentionally, to ensure the accessibility of information with business processes, to meet the requirements of legal regulations, to work for continuous improvement,
  • To ensure the continuity of three basic elements of the Information Security Management System in all activities carried out:

Confidentiality       : Prevention of unauthorized access to important information,
Integrity                 : Showing the accuracy and integrity of the information,
Accessibility          : Demonstration of those who are authorized to access information when necessary,

  • Not only data kept electronically; To deal with the security of all data in written, printed, verbal and similar media.
  • To raise awareness by giving Information Security Management trainings to all personnel,
  • To report all existing or suspicious gaps in Information Security to the ISMS Team and to ensure that they are investigated by the ISMS Team,
  • To prepare, maintain and test business continuity plans,
  • To determine existing risks by making periodic evaluations on Information Security; As a result of the evaluations, to review and follow up the action plans,
  • To prevent all kinds of disputes and conflicts of interest that may arise from contracts,
  • To meet business requirements for information accessibility and information systems.