ISO 27001 - Information Technology Department | Eskisehir Osmangazi University

What is ISO 27001: 2013 Information Security Management System?
The ISO 27001: 2013 Information Security Management System (ISMS) standard covers all types of organizations (eg commercial organizations, government agencies, non-profit organizations).
ISO 27001: 2013 Information Security Management System covers the requirements for establishing, implementing, monitoring, reviewing, maintaining and improving a documented ISMS (Information Security Management System) in the context of all commercial risks of the organization.
ISO 27001: 2013 Information Security Management System (ISMS) is designed to provide adequate and proportionate security controls that protect information assets and reassure interested parties.
Organizations wishing to obtain ISO 27001: 2013 Information Security Management System certificate should receive Consultancy Service to meet the general requirements of ISO 27001 Information Security Management System standard and must pass the audit of Accredited Organizations successfully. Organizations may have ISO 27001: 2013 Information Security Management System certificate after this audit.
At Eskisehir Osmangazi University
ISO 27001: 2013 Information Security Management System (ISMS) Process

Work on the ISMS process was initiated on August 1, 2018, within the Department of Information Technology.

ESOGÜ ISMS policy has been created and announced on the ESOGÜ main web page and the web page of the Information Technology Department. Information Security Awareness Training was provided to all personnel at the congress center on September 6, 2018. ISMS Works were completed in July 2019. As a result of the external audit, the Information Technology Department was entitled to receive the ISO 27001 certificate as of 14.07.2019.

As a result of the 2nd External Audit held on 28.07.2020, the ISMS certificate was renewed.

As a result of the 2nd External Audit held on 25.07.2021, the ISMS certificate was renewed.

In 2022, it continues its work with the Information Security Unit established within the CC, within the scope of the Information Security Management System.