Our Information Security Policy

As an establishment, in order to protect reputation, reliability and information assets, to ensure minimum disruption in the course of both principal and secondary business activities, we:

  • Protect all information assets that the company processes, keeps and share with other organizations in accordance with confidentiality, integrity and accessibility principles,
  • Ensure the continuous development and improvement of the management system built to manage information assets, to identify these assets’ informative worth, requirements and risks and to apply necessary control mechanisms regarding security risks,
  • Evaluate the risks arising from our activities according to our company vision and mission, determine the needs and opportunities for continuous improvement,
  • Keep up with technological developments and changes that fall within the scope of our services,
  • Ensure business continuity by reducing information security risks’ impact,
  • Comply with national and international regulations, legal and relevant legislations requirements, obligations due to agreements, and corporate responsibilities toward internal and external stakeholders,
  • Ensure the competence to respond quickly to any information security incidents that may occur and to minimize incident’s impact,
  • Maintain and improve the level of information security over time with a cost-effective control infrastructure,
  • Improve our institution’s reputation and protect it from negative effects based on information security,
  • Preserve personal information in line with the Law on Protection of Personal Data,
  • Carry out trainings aiming to improve our employees’ awareness and competencies about information security, target to be an exemplary organization in the sector by integrating with other management systems and providing the necessary support.

Each Usta Bilgi Sistemleri employee is responsible for contributing to these goals.