Buyuk-energy-kls commits to ensuring the confidentiality, integrity, and availability of information within the framework of the TS ISO/IEC 27001 Information Security Management System (ISMS) standard, in line with the institution's mission and vision, by undertaking the following:

Defines information security objectives and activities, plans, implements, monitors the ISMS, and ensures its continuous improvement;

Describes how the conducted activities meet the requirements of regulations, contracts, standards, and business needs;

Defines how it meets the requirements of the Personal Data Protection Law (KVKK);

Conducts ISMS activities in an integrated manner with other management systems established within the organization;

Determines tasks, roles, responsibilities, and necessary resources within the scope of the ISMS;

Establishes an inventory of information assets by determining criteria for confidentiality, integrity, and accessibility;

Identifies, assesses, and implements appropriate risk treatment options for existing and potential risks to manage information security;

Implements business continuity planning, executes these plans, and ensures continuous improvement of the process;

Follows current technologies and innovations in information security, developing solutions;

Takes necessary measures to ensure that all stakeholders comply with the established information security requirements;

Ensures the announcement, accessibility, awareness, and implementation of this policy;

Initiates and follows up on relevant processes in the event of a violation of this policy.