Comply with applicable laws and regulations
Establish policies and procedures related to information security
Implement risk management in organizational activities
Continuously promote information security awareness
Apply Best Practices in information security
Continuously improve the competency of Human Resources related to information security
Conduct Reviews and provide recommendations for all systems by independent parties periodically
Ensure management commitment to the implementation of information security.
The COLLEGA-CSIRT constituents include all units across the directorate within the company and data owners/clients.
The main services of COLLEGA-CSIRT are:
Providing alerts related to cybersecurity: Alert services are given to all Units across the Directorate in the Company and Data Owners / Clients, taking into account their respective responsibilities.
Handling cyber incidents: The cyber incident handling service is provided by COLLEGA-CSIRT in the form of analysis, technical recommendations, and on-site assistance for the mitigation and recovery of cyber incidents.
Receiving reports of cyber incidents: The cyber incident reporting service is provided in the form of coordination for the mitigation and recovery of cyber incidents.
COLLEGA-CSIRT provides incident handling for the following types:
Web Defacement
DDOS
Malware
Phishing
The support provided by COLLEGA-CSIRT to constituents may vary depending on the type and impact of the incident.
The Collega Cyber Security Incident Response Team (CSIRT) has a team composition that refers to the Director's Decision Letter Number: SK/DIR/03-24/004 Regarding the Security Incident Response Policy Procedures. The chairperson of COLLEGA-CSIRT is held by the Head of the Internal Audit & Risk Management Division.
