Information Security Policy

In line with ISO 27001:2022 Information Security Management System Standard;

In order to ensure the continuous development of our information security management system, we aim to identify information assets and identify these assets;

  • Addressing issues such as business impact, cost of retrieval, confidentiality of information, impact on image, damage to legal and regulatory obligations, threat possibilities, multiplicity of vulnerabilities and the capacity of existing controls to cover these vulnerabilities, attacker motivation, attraction of adversaries to information, gaps in access controls and information To identify and evaluate risks to the confidentiality, integrity and accessibility of information by addressing threats to its integrity,
  • Implementing the necessary controls for all assets above the acceptable risk level,
  • Measuring the performance of information security processes,
  • Creating targets from this data,
  • To minimize our weaknesses and threats through infrastructure, working environment, hardware, software and training investments,
  • We are committed to meeting the security needs of our business, our customers and legal requirements.


Sahabt Yazılım Danışmanlık ve Eğitim A.Ş.