Circular No. 30823 on Information and Communication Security Measures was published by the Presidency on 05.07.2019, and "Information and Communication Security Guide" was published by the Presidency's Digital Transformation Office on 10.07.2020 based on the circular. With this guide, which covers public institutions and organizations providing critical infrastructure services, a new information security regulation has been defined.
Application of the Guide
⦁ Identification of Asset Groups Institutions are expected to group their information assets as follows with “Annex C.1: Asset Group Critical Rating Questionnaire”.
- If the survey result is less than 18: 1st Degree Entity.
- 2nd Degree Asset if the survey result is between 18 and 28.
- If the survey result is higher than 28, 3. Degree Varlık.
⦁ As a result of comparing the existing measures for the protection of assets with the measures specified in the guide, "Annex-C.3: Current Situation and Gap Analysis" will be taken into consideration.
- Comparison of the measures applied to the 1st degree assets with the 1st Level Measures specified in the guide.
- Comparison of the measures applied to the 2nd degree assets with the 1st and 2nd Degree Measures specified in the guide.
- Comparison of the measures applied to the 3rd degree assets with the 1st, 2nd and 3rd Degree Measures specified in the guide.
⦁ Annex C.4: Planning the measures to be implemented with the Guideline Implementation Roadmap Determination Form
⦁ Periodic preparation of progress report.
⦁ Conducting the Internal Audit of Information and Communication Security and submitting the report to the Presidency Digital Transformation Office
Compliance plan with the guide is as follows.
To request a quotation for the following: Cyber Security, Digital Transformation, MSSP, Penetration Testing, KVKK, GDPR, ISO 27001 and ISO 27701, please click here.