Quality and information security are the priority bases of software development processes. For the solutions made available for the sector, our company ensures information security at maximum level in accordance with national and international regulations and customer requests, while adopting global standards for software development processes.
In software development, consultancy and support services regarding healthcare informatics and consultancy, training and engineering services concerning these activities; ensuring personal, infrastructural, software, hardware and institutional information; information belonging to third parties and information security and risk management within financial resources; measuring process performance of information security management and organizing the relations with third parties on the information security issues constitute our ISMS Policy.
In this respect, as Bilbest, our policy is:
Managing information assets, specifying security levels, requirements and risks of assets, developing and implementing controls against security risks,
Specifying the framework determined by methods for identifying information assets, values, security requirements, vulnerabilities and threats against assets and the frequency of threats,
Specifying a framework for the evaluation of the effects of threats on assets in terms of privacy, integrity and accesibility,
Executing working principles for the mitigating of risks,
Continuously monitoring the risks by reviewing technological expectancies within the scope of services,
Ensuring information security requirements stemming from governing national and international regulations, fulfilling the requirements of legal and related legislation, corresponding the responsibilities of agreements and institutional responsibilities against internal and external partners,
Minimizing the effect of information security threats for service continuity and providing sustainability,
Having competence to rapidly interfere possible information security cases and to minimize the effect of such cases,
Maintaining and improving information security level through a cost effective controlling infrastructure and making information security a part of corporate culture.