INFORMATION SECURITY
ARY YAZILIM Information Security is the protection of the institution's reputation, reliability, information assets, and the continuation of basic and supporting business activities with the least possible interruption,
- Protecting the information assets that the institution processes, maintains and shares with other organizations in accordance with the principles of confidentiality, integrity and accessibility,
- Developing the management system established to manage information assets, determine the security values, needs and risks of the assets, implement controls for security risks and ensuring continuous improvement,
- Evaluating the risks arising from the activities in accordance with the institution's vision and mission and determining continuous improvement needs and opportunities,
- Following up with technological developments and changes within the scope of the service provided,
- Ensuring business continuity by reducing the impact of information security risks,
- Ensuring compliance with the national and international regulations, legal and relevant legislative requirements, obligations arising from agreements, corporate responsibilities towards internal and external stakeholders,
- Having the competence to rapidly intervene in information security incidents that may occur and minimize the impact of the incident,
- Protecting and improving the level of information security over time with a cost-effective control infrastructure,
- Developing the institution's reputation, protecting it from negative impacts based on information security,
- Preserving personal information within the scope of the Personal Data Protection Law,
- Conducting trainings that will improve the information security awareness and competencies of employees, To be an exemplary organization in the sector by providing the necessary support and integrating with other management systems.
Each ARY YAZILIM member is responsible for acting in line with these specified goals and contributing to the system.