Menu

Our Certificates and Documents

EİMZATR ISMS POLICY

The main theme of the TS EN ISO 27001:2013 Information Security Management System is; In EİMZATR, in the IT activities used in electronic certificate creation and service, signing digital certificates, providing technical support and consultancy services; people, infrastructure, software, hardware, organizational information, third It is the process of information security management, to show that information security management is ensured within personal information and financial resources, to ensure risk management, Third place in measuring performance and information security related issues; To ensure the regulation of relations with the parties.
In this direction, the purpose of our ISMS Policy is;

  • Manage information assets, determine the security values, needs and risks of assets, develop and implement controls for security risks.
  • To define the level to be determined by the methods to determine the information assets, values, security needs, vulnerabilities, threats to assets and the frequency of threats.
  • Defining a framework for assessing the privacy, integrity, accessibility impacts of threats on assets.
  • To set forth the working principles for the processing of risks.
  • Constantly monitoring risks by reviewing technological expectations in the context of the scope of service.
  • To meet the obligations arising from the national or international regulations to which it is subject, to fulfill the legal and relevant legislation requirements, to meet the obligations arising from the agreements; To provide information security requirements arising from company responsibilities towards external stakeholders.
  • Reducing the impact of information security threats to service continuity and contributing to continuity.
  • To have the competence to quickly intervene in information security incidents that may occur and to minimize the impact of the incident.
  • Protecting and improving the level of information security over time with a cost-effective control infrastructure.
  • To improve the reputation of the company and to protect it from negative effects based on information security.
×