Information Security Policy
With its Information Security Policy, Katılım Emeklilik undertakes:
- To protect the confidentiality of customer and personnel information in order to protect the privacy of personal information,
- To implement the infrastructure and controls that will protect the integrity of information and ensure its continuous accessibility,
- To establish an information security organization in order to manage and coordinate information security activities,
- To identify ownership and manage risks on information assets by taking inventory of information assets,
- To carry out information security incident management activities, including the steps of detecting, reporting, and preventing the recurrence of information security incidents,
- To implement a sufficient level of awareness program for all personnel and to ensure the participation of all employees in order to meet information security requirements,
- To take the necessary physical and environmental security measures in order to ensure the security of information in the areas where data is processed,
- To determine and implement the security requirements in the acquisition, development, and maintenance of information systems,
- To require employees to comply with the determined information security policies, processes, legal and regulatory obligations,
- To carry out business continuity activities to prevent interruptions in business activities and to ensure continuous access to information,
- To implement the necessary security controls in all relevant areas in order to control access to information and prevent unauthorized access,
- To apply the necessary security controls in the operation of information systems activities, to define the roles and responsibilities for the same,
- To ensure and implement periodic controls in order to deliver the ISMS policy to all internal and external parties and keep it up to date.