Information Security Policy

The purpose of this policy  is to describe the information security management system which is created with the approval of the Top Management to manage Turkcell’s information security needs and how the information security polices, which are the most important elements of this system, are structured.

We determine the strategy, focus, target and road map to ensure information security.
We ensure and maintain the information security, confidentiality, integrity and availability objectives of information assets.
We increase the reputation of the company by working to comply with standards, laws and agreements regarding information security.
We evaluate stakeholder demands regarding information security.
We analyze security risks and controls in order to systematically manage information security risks and support an effective risk management approach to eliminate identified risks or reduce them to an acceptable level.
We determine roles and responsibilities and allocate the necessary resources for the management of information security risks and the healthy functioning of security controls.
We establish the necessary systems to manage information security violations and take appropriate measures to prevent their recurrence.
We carry out awareness studies and create competent human resources in order to ensure compliance of relevant parties with standards in terms of information security.
We keep information security documentation up to date.
We carry out studies towards a mature and advanced information security.
Within the scope of information security; It is the responsibility of the senior management to prepare, update and monitor the implementation of the Information Security Policy and supporting procedures and to establish mechanisms that will ensure the execution of activities related to this Policy.