As Taksicim, within the scope of its software development activities for Taxi Transportation brokerage services, we aim to:
Manage information assets, identify the security values, needs, and risks of assets, and develop and implement controls for security risks.
Define a framework for determining methods for identifying information assets, their values, security needs, vulnerabilities, threats to assets, and the frequency of threats.
Define a framework for assessing the confidentiality, integrity, and availability impacts of threats on assets.
Define working principles for risk management.
Continuously monitor risks by reviewing technological expectations within the context of the service provided.
Ensure information security requirements arising from national and international regulations, legal and relevant legislative requirements, fulfilling contractual obligations, and company responsibilities to internal and external stakeholders.
Reduce the impact of information security threats on service continuity and contribute to continuity.
Have the competence to rapidly respond to potential information security incidents and minimize their impact.
Maintain and improve information security over time with a cost-effective control infrastructure.
To provide all personnel with awareness, briefing, and awareness-raising training on the Information Security Management System Policy, Processes, and similar topics, and to repeat these training sessions periodically.
To continuously improve the system by considering the results of implementation, audit, and corrective action within the Information Security Management System.
To implement the Information Security Management System in integration with other management systems within Bitaksi.
To maintain environmentally conscious and socially responsible work towards ensuring environmental sustainability and addressing climate change.
To ensure that the products used within the scope of the activity are environmentally friendly and recycled.
To work to understand and meet the requirements of the Personal Data Protection Law (KVKK).
To enhance the company’s reputation and protect it from negative impacts related to information security.