Information Security Policy

  1. Compliance with Information Security Regulations
    Establish an information security management system that meets national or international standards.
  2. Establishment of a Cross-Functional Information Security Management Organization
    Responsible for the development, implementation, supervision, review, audit, and continuous improvement of the information security management system.
  3. Commitment from Corporate Leadership on Information Security 
    Managing executives demonstrate their leadership through actively supporting information security management initiatives.
  4. Risk Management Mechanism
    Establish an information security risk management framework, conduct regular risk assessments, and implement risk mitigation measures to reduce potential threats.
  5. Information Security Awareness and Training
    Actively conduct information security training to promote security policies and implementation guidelines.
  6. Third-Party Security Management
    Effectively oversee and manage outsourced information security services to uphold compliance and security standards.
  7. Access Control and Protection
    Implement essential security measures to safeguard access to information systems.
  8. Intellectual Property Compliance
    Protect and uphold intellectual property rights by complying with legal software licenses and copyrights; strictly prohibit the installation and use of unauthorized or pirated software.
  9. Sustaining Information Security Continuity
    Ensure the continuous delivery of critical information security services at a minimum operational level .
  10. Cyber Defense and Threat Prevention
    Deploy information security defense infrastructure and establish regular security testing routines to prevent cyber attacks.
  11. Crisis Response and Management
    Establish a comprehensive reporting and response framework with proactive preparation, timely incident management, and continuous post-incident enhancements. 
  12. Regular Information Security Audits
    Conduct regular audits to ensure the continuous and effective implementation of security policies and compliance measures.