Information Security Policy

Idea Teknoloji Cozumleri Information Security Policy

The Information Security Policy followed by Idea Teknoloji Cozumleri is to ensure the confidentiality, integrity and accessibility of information belonging to all parties and to Idea Teknoloji Cozumleri, to assess the risks taking into account the vulnerabilities and threats to assets, to reduce risk whenever possible, to review and approve residual risk and to reduce the acceptable risk level to the extent that it can be handled by technology.

To meet the requirements of the Information Security Policy, Idea Teknoloji;

  • Organizes awareness programs with personnel,
  • Carries out joint projects with suppliers, customers and partners to ensure continuity of the system where necessary,
  • Comply with all relevant laws of the countries in which it operates.


Idea Teknoloji Cozumleri offers companies corporate business solutions to enable them to execute their business processes more effectively. While offering its customers products and solutions, it has access to business forms and data that is of strategic importance for the customer. In this context, both Idea Teknoloji Cozumleri employees and suppliers should act in accordance with the “Idea Teknoloji Information Security” policies for Idea Technology Services and information assets as well as for the purpose of ensuring the confidentiality, integrity and accessibility of information assets of institutions served. Our policy to meet security expectations consists of the following:

  • To ensure the confidentiality of information reached / used / disclosed,
  • Ensuring business continuity,
  • Prevent or minimize the effects of security breaches that may occur
  • Minimising job losses.

Idea Teknoloji Cozumleri takes the following necessary precautions against any threats that may occur internally or externally, either knowingly or unknowingly;

  • Preventing access by unauthorized persons who attempt to disrupt the confidentiality of information,
  • Providing business continuity as required to ensure information accessibility, and prepare, maintain, test business continuity plans,
  • Meeting regulatory requirements,
  • Ensure reporting of all existing or suspicious vulnerabilities in information security and to develop practices for the initiation of the process for investigation,
  • To meet business requirements for information accessibility and information systems

To meet commitments and ensure business continuity, Idea Teknoloji Cozumleri observes the following;

  • It is not an institution that undertakes risks in technological, legal, financial and natural environments, but an institution that takes risks in international, local, cultural, social, political and economic areas
  • Performs risk analysis,
  • Identifies measures to be met following risk analysis
  • Allocates resources required for measures (for hardware, software, personnel, infrastructure and training programs),
  • Determines duties, roles and responsibilities for employees,
  • Defines security processes, ensures implementation and monitoring,
  • Prepares the policies needed for security expectations, ensures implementation and improvement.