To take the necessary measures to ensure the confidentiality, integrity, and availability of information.

To classify all environments and processes in which data/information is located, to keep risks at the minimum level through regular risk management practices, to prevent security breaches, and to ensure business continuity.

To recognize that institutional information is a valuable asset and to raise awareness among employees regarding information security.

To increase awareness throughout the organization that information belonging to third parties does not belong to the institution and constitutes entrusted assets that must be protected.

To raise awareness among stakeholders in order to ensure that institutional information shared with third parties is protected by those parties.

To act in compliance with legal and other applicable requirements.

We confirm that we will strengthen our Information Security Management System through a philosophy of continuous improvement.