Our Policies

As OBSS, we offer services to our customers in the defense, finance, and telecommunications sectors in which information technologies (IT) are used extensively for the most part. Due to the nature of our customers, “Information Security” is paramount for us. For the purposes of this policy, “Information Security” refers to the protection of the privacy, integrity, and availability aspects of OBSS’s information assets. 

This policy covers all units that utilize OBSS’s computing infrastructure; users who access information systems as third parties; and service, software, or hardware providers that provide technical support to information systems.
 
In order to maintain its reputation and image, to ensure compliance with the information security criteria contained in contracts with third parties and guarantee the protection of its information assets, and to ensure that basic and supportive business activities are carried out with minimal interruption, OBSS’ management aims to ensure information security for all physical and electronic information assets used in the performance of information services. 

OBSS’ risk management framework covers the identification, evaluation, and processing of information security risks. The risk assessment, feasibility declaration, and risk-processing plan define how information security risks are controlled. The “Information Security Coordination Board” composed of the security officers of the units is responsible for the management and implementation of this plan. The “Security Coordination Board” is also responsible for supporting and maintaining the BGYS infrastructure. 

All employees of OBSS and external parties defined in BGYS are expected to comply with the appropriate ones among these policies and other associated BGYS policies, procedures, processes, and instructions.  

OBSS’ management supports the implementation and control of OBSS Information Security Policies and the enforcement of necessary sanctions for security breaches. 

In order to be a trademark that sets the standard in the field of information technologies with its solutions providing high-quality human resources, simplicity, and independence to our customers, we aim; 

• To prioritize R&D studies that will create our own software architecture and standard; 
• To conform to national and global standards applicable to our products and services; 
• To constantly follow the trends in software technologies and to offer the right software technology to the customer via qualified employees; 
• To ensure that the projects are transparent, measurable, and sustainable and bring in added value for both the employee and the customer; 
• To carry out a high-quality, long-term, and efficient cooperation with the recipients of our services; 
• To create international goals; 
• To protect information assets against any internal or external, intentional or accidental threats in terms of privacy, integrity, and accessibility; 
• To ensure and enforce feasible conditions by continuously auditing the effectiveness of the ISO 9001:2015 Quality management system and by carrying out any required improvements, 
• To create environments that will enhance the knowledge and skills of employees and students studying software; 
• To ensure the creation of an inclusive and pluralistic management approach and to promote leadership and employee participation in all our processes to this end, 
• To become an organization that aims to continuously improve itself via the process approach adopted by its employees on the basis of the principle of “a happy employee, a happy customer. 

As OBSS, we offer services to our customers in the defense, finance, and telecommunications sectors in which information technologies (IT) are used extensively for the most part. Due to the nature of our customers, “Information Security” is paramount for us. For the purposes of this policy, “Information Security” refers to the protection of the privacy, integrity, and availability aspects of OBSS’s information assets. 

This policy covers all units that utilize OBSS’s computing infrastructure; users who access information systems as third parties; and service, software, or hardware providers that provide technical support to information systems. 

In order to maintain its reputation and image, to ensure compliance with the information security criteria contained in contracts with third parties and guarantee the protection of its information assets, and to ensure that basic and supportive business activities are carried out with minimal interruption, OBSS’ management aims to ensure information security for all physical and electronic information assets used in the performance of information services. 

OBSS’ risk management framework covers the identification, evaluation, and processing of information security risks. The risk assessment, feasibility declaration, and risk-processing plan define how information security risks are controlled. The “Information Security Coordination Board” composed of the security officers of the units is responsible for the management and implementation of this plan. The “Security Coordination Board” is also responsible for supporting and maintaining the BGYS infrastructure. 

All employees of OBSS and external parties defined in BGYS are expected to comply with the appropriate ones among these policies and other associated BGYS policies, procedures, processes, and instructions.  
OBSS’ management supports the implementation and control of OBSS Information Security Policies and the enforcement of necessary sanctions for security breaches.