The Agency's mission is to ensure that the institutions subject to its supervision perform their operations in a safe and sound manner in line with the Banking Law and other applicable regulations, that the credit system functions efficiently, that the rights and interests of savers are safeguarded, and thus contribute to the development of financial markets as well as financial stability.
The Agency's vision is to become a model authority that undertakes regulation, supervision and risk management functions for financial markets, institutions and consumers at international standards, in line with national needs and requirements.
An Information Security Management System (ISMS) has been established within the Data and System Management Department of the Banking Regulation and Supervision Agency and is audited and certified in terms of compliance with ISO / IEC 27001: 2013 standards by the institutions that are obliged to independent auditing.
By ISO 27001 certification it is ensured that information is protected against unauthorized access, it is provided that confidentiality, integrity and availability of information for the authorized users do exist, information is not shared with unauthorized parties, the personnel are given necessary education about information security and all information security vulnerabilities and suspicious weak points with regard to information security are reported to those in charge.
Related parties of ISO 27001 certificate within the scope of ISMS; The personnel of the Agency, Data and System Management Department of the Agency, obligatory groups determined within the framework of Turkish Banking Law of Article Number 5411 and third parties participating in the activities within the framework of the legislation due to their duties.
The information security requirements of those parties have been defined and specified within the relevant legislation, statement of applicability, policies, procedures and forms of ISMS and may be shared with relevant authorities if required.