Information Security Policy

In view of the increasing popularity of computer and network applications in recent years, and to ensure the security of the Company and information security-related data, information systems, equipment and networks, the Company has established the Information Security Policy. The top executive of the information department serves as the convener to review the information security governance policies of each subsidiary and to oversee their operations. The Policy is regarded as the guidelines for the division of organizational authority and responsibility, personnel training, computer hardware and software, network and physical environment management for information security management of the Company. Additionally, the Top Executive reports regularly to the Board of Directors on the implementation of information security risk management.

 

 

2022 Information Security Operations

Operation item

Description

Information Security Advocacy

In 2022, a total of 5 information security promotions will be carried out.

Propaganda poster

Completed 10 promotional posters, conveying important regulations and precautions for information protection and information security.

Information Security Training

In 2022, 4 information security education and training sessions will be completed, including a total of 417 on-the-job information security education and training. The main contents include:

  • Data Leakage Prevention
  • fishing technique
  • Response method
  • trade secret protection

New employee education and training

100% completion rate (143 new recruits in 2022).

Social engineering drill

 

Conducted 1 email social engineering phishing email drill, with a total of 423 people in the drill.

Information security check by external professional organization

 

A total of 2 times will be arranged in 2022, including vulnerability scanning, penetration testing, firewall testing, etc.

Amendment or new information security-related regulations

Complete 2 method revisions.

Security Supervisors and Security Officers

Information security supervisor and information security personnel have been set up.