The main theme of the Integrated Information, Artificial Intelligence and Continuity Management System established within the framework of TS EN ISO 27001:2022 Information Security Management System, TS EN 27701:2019 Personal Data Management System, TS EN 20000-1:2018 Information Security Service Management System, TS EN ISO 22301:2019 Business Continuity Management System and ISO/IEC 42001:2023 Artificial Intelligence Management System is to ensure the safe, ethical, sustainable and legal management of all assets including people, infrastructure, software, hardware, customer information, organization information, third party information, financial resources and artificial intelligence systems in MİA TEKNOLOJİ A.Ş. IT services.
In this context, the purpose of our EBSYS Policy is;
- To protect MİA TEKNOLOJİ A.Ş. information assets against all kinds of threats that may occur internally or externally, knowingly or unknowingly, to provide accessibility to information as required through business processes, to meet legal legislation requirements, to work towards continuous improvement
To ensure the continuity of the three basic elements of ISO 27001 Information Security Management System in all activities carried out:
Confidentiality: Preventing unauthorized access to important information,
Integrity: Demonstrating that the accuracy and integrity of information is provided,
Accessibility: Demonstrating that authorized persons can access information when necessary,
To deal with the security of not only data kept electronically but also all data in written, printed, oral and similar media,
To provide consistent, high quality services to customers within the scope of ISO 20000-1 Information Technologies Service Management System;
To ensure confidentiality in the processing of personal data within the scope of ISO 27701 Personal Data Management System; to fully comply with legal regulations and standard requirements,
To prevent interruption of critical business processes within the scope of ISO 22301 Business Continuity Management System; to ensure rapid recovery and continuity against possible disruptions,
To provide awareness by providing Information Security Management training to all personnel,
To ensure that all actually existing or suspicious vulnerabilities in information security are reported to the EBSYS Team and that these vulnerabilities are investigated,
To prepare, maintain and test business continuity plans,
To identify existing risks by conducting periodic evaluations on information security; to review and follow up the action plans as a result of the evaluations,
To prevent all kinds of disputes and conflicts of interest that may arise from contracts,
To meet business requirements for accessibility to information and information systems,
To ensure compliance with the principles of reliability, transparency, ethical values, human-centeredness and security in the development, implementation and use of artificial intelligence systems. To assess the risks of artificial intelligence systems developed in-house or procured from external sources, to monitor them throughout their life cycle, to support transparent decision-making processes and to ensure their compliance with the relevant legal, ethical and social responsibilities. In this context;
– To ensure that artificial intelligence systems operate in accordance with their purposes, fairly and without discrimination,
– To create processes in accordance with the principles of human oversight, traceability and traceability, – To ensure that artificial intelligence systems are managed in an integrated manner with information security, personal data protection and business continuity,
– To maintain open communication with relevant stakeholders and develop transparency-based information mechanisms,
– To carry out training and information activities in order to increase the awareness of all employees about artificial intelligence,
– To plan and implement preventive and corrective activities against ethical, social or legal risks that may arise during the use of artificial intelligence technologies,
– To adopt a systematic management approach with internal control and continuous improvement mechanisms regarding artificial intelligence.