Information Technologies Compliance and Audit Services

A corporation's information technology structure is important in meeting changing compliance needs. Our compliance and audit services ensure your compliance with the following information technology legislation:

  • BRSA (BDDK) internal systems and information systems legislation for banks, their affiliates and support services providers; factoring, financial leasing, financing and asset management companies; information exchange, barter and offset establishments; and payment and security settlement systems, payment systems and payment and electronic currency institutions
  • CBRT (TCMB) information systems legislation for payment and security settlement systems, payment systems and payment and electronic currency institutions
  • CMB (SPK) information systems legislation for various establishments with compliance or audit liabilities
  • RA (GİB) information systems legislation for e-document (e-invoice, e-dispatch, e-archive etc.) private integrators, secure mobile payment and electronic document management system service providers, and trusted service providers (TSM) for new generation payment recorder devices (YNÖKC)
  • TBA (TBB) Risk Center information systems legislation for member establishments
  • IRSA (SEDDK) internal systems and information systems legislation for the insurance industry
  • ICTA (BTK) information systems legislation for the telecommunication industry
  • Information systems legislation for e-general assembly system (EGKS), e-signature, e-notification, registered e-mail (KEP), e-commerce etc.
  • Other information systems legislation published by POAASA (KGK), other regulators and institutions
  • Internationally accepted frameworks and standards such as CMMI, COBIT, ISO20000, ISO22301, ISO27001, ISO31000, ISO38500, ITIL, PMI, TOGAF etc.
  • Information systems requirements in the scope of SOX, Euro-SOX and J-SOX legislation
  • Information systems requirements in the scope of international legislation such as DORA (Digital Operational Resilience Act), DSA (Digital Services Act) and DMA (Digital Markets Act)
  • Information systems requirements in the scope of standards that might result in technology transformation needs, such as IFRS standards (IFRS9, IFRS15, IFRS17 etc.) and other frameworks (Basel, Solvency etc.)
  • Local and international standards such as GDS3402, ISAE3402, SOC-1-2-3 etc. for assurance needs related to services provided by service organisations, support service establishments, external service providers, establishments operating in Fintech, Insurtech and Regtech, and other suppliers
  • Local and international standards such as GDS3000 and ISAE3000 for assurance needs related to business and technology needs of applications and other matters

Contact us

Özkan Kıvanç

Risk Assurance Services Partner, PwC Türkiye

Tel: +90 212 326 6648

Mehmet Zeki Önal

Information Technologies Risk and Governance Services Leader, PwC Türkiye

Tel: +90 212 326 6773
