Information Security Policy

Özyeğin University is dedicated to upholding compliance with relevant laws, standards, and the obligations set forth in national, international, or sectoral regulations that pertain to the University. This commitment extends to meeting contractual obligations and satisfying the information security requirements arising from our corporate responsibilities to both our internal and external stakeholders.

In order to achieve this strategic objective, the University guarantees to ensure information security, protect information assets, meet information security requirements and expectations within the scope of applicable terms and conditions as well as international standards, systematically manage risks to improve information security performance, ensure infrastructure and operational security, and make sure that all employees comply with the University’s Information Security Policies and Procedures.

To that end, the Information Security Management System (ISMS) established within Özyeğin University is implemented across the University's departments and processes.

As Özyeğin University, our primary goals for Information Security are follows:

• To comply with all relevant legislation, institutional regulations, and contracts with third parties (i.e. business partners, suppliers) concerning information security,
• To comply with the Law on the Protection of Personal Data, and the Information and Communication Security Guide issued by the Digital Transformation Office of the Presidency of the Republic of Türkiye,
• Make sure that all resources are allocated, installed, managed, and continuously improved by our information security management system as per the requirements of the TS ISO/IEC 27001 BGYS standard,
• Maintain the integrity, confidentiality, authorized accessibility of our University’s information assets within the scope of the Information Security Management System,
• Provide employees, students, suppliers, and other stakeholders with safe access to information assets,
• Evaluate and manage potential risks against the information assets of our University and its stakeholders,
• Minimize the impact of information security threats on business/service continuity, and ensure business continuity and sustainability,
• Provide necessary training to raise awareness of information security and build on competencies,
• To maintain our University’s reputation and brand value in the eyes of our employees, students, suppliers, and the public.
• Ensure that the University's information security practices and procedures are reviewed through internal assessments and by independent third-party institutions to assess their compliance with laws and standards,
• Effectively manage information security to minimize potential damages arising from information security issues.
• To reduce the likelihood of information security breaches, respond in coordination in case of any actual breach, and ensure the continuous improvement of the Information Security Management System.

We expect all our employees, students and suppliers to meet the requirements of the Information Security Management System within the scope of the primary goals outlined above, and offer their utmost contributions and attention to our University’s relevant processes.