Information Security Policy
As İstanbul Bilgi University, our goal is to ensure the security of information used to carry out the activities of the University in all forms, locations, and processes by considering the principles of confidentiality, integrity, and availability.
In order to reach that goal, we guarantee the following:
- To implement and go beyond the conditions stipulated by laws, standards, and procedures regarding the issues of information security,
- To manage Information Security Management System in accordance with TS/ISO 27001:2013,
- To ensure that necessary organizational structure, resource, and infrastructure are formed in order to report information security violations and take action as quickly as possible,
- To ensure that the activities of keeping, transferring, changing, accessing, and processing the information assets are controlled on the basis of the best existing practices to protect our information assets and that the in-process controls are established with the segregation of duties,
- To announce this policy to all of our staff and provide the required resources and training to implement it,
- To internally audit the institution to ensure adaptation to Information Security Management System and continuous improvement, and to consider their results in the administrative review meetings,
- To pay attention to the Information Security performance of suppliers and contracting firms and their subcontractors and to collaborate with them with regard to issues of Information Security Management System,
- To work constructively with official institutions, people, and related citizens with regard to ISMS issues,
- To ensure that necessary sanctions are imposed in case of security breaches.