INFORMATION SECURITY POLICY
Dünya Katılım Bank takes all necessary administrative and technical measures as processes, organization, and technology to protect the data of its customers, employees, and suppliers. Within this scope, the bank:
- Maintains the confidentiality of customer and personnel information to ensure the privacy of personal data.
- Implements infrastructure and controls to preserve the integrity of information and guarantee its continuous accessibility.
- Establishes an information security organization to manage and coordinate information security activities.
- Conducts inventory of information assets, determines their ownership, and manages the risks associated with information assets.
- Carries out information security incident management activities, including detection, reporting, and prevention of recurrence of security incidents.
- Implements awareness programs for all staff and ensures the participation of all employees to meet information security requirements. It takes necessary physical and environmental security measures to ensure the security of information in areas where information is processed.
- Informs customers who will benefit from electronic banking services provided by the bank about the terms, risks, and exceptional circumstances related to the services in a clear manner.
- Determines and implements security requirements for the acquisition, development, and maintenance of information systems.
- Ensures compliance of employees with identified information security policies, processes, legal, and regulatory obligations by obtaining their written commitments.
- Conducts business continuity activities to prevent interruptions in business operations and ensure continuous access to information.
- Implements necessary security controls in all relevant areas to control access to information and prevent unauthorized access.
- Applies necessary security controls in the operation of information systems activities, and defines roles and responsibilities accordingly.