Information Security Policy

Information Security Policy

  1. Objective
    1. In order to strengthen information security management, ensure the confidentiality, integrity and availability of its information assets, provide an information environment for the continuous operation of the company's information business, and comply with the requirements of relevant laws and regulations, so that it can avoid internal and external deliberate or accidental threats, this policy is specified.
  2. Scope of application
    1. All units of the Company.
  3. Definition
    1. All personnel: the company's personnel and outsourced manufacturers.
  4. Vision & Goals
    1. Information Security Policy Vision:
      1. Strengthen the knowledge of personnel
      2. Avoid data leakage
      3. Implement daily maintenance
      4. Make sure the service is available
    2. In line with the vision of the information security policy, the proposed information security objectives are as follows:
      1. Conduct information security education and training, promote personnel's awareness of information security and strengthen their awareness of relevant responsibilities.
      2. Protect the information of the company's business activities from unauthorized access and modification, and ensure its accuracy and integrity.
      3. Conduct regular internal and external audits to ensure that relevant operations are properly implemented.
      4. Ensure that the company's critical core systems maintain a certain level of system availability.
    3. In view of the above-mentioned information security objectives, the annual to-do list, required resources, responsible personnel, estimated completion time, and result evaluation methods and evaluation results shall be formulated, and the relevant supervision and measurement procedures shall be handled in accordance with the Company's "Supervision and Measurement Management Procedures".
    4. The Information Security Implementation Team shall report to the convener of the Information Security Committee on the results of the measurement of the effectiveness of the information security objectives at the management review meeting.
  5. Liability
    1. This policy is established and reviewed by the management of the Company.
    2. The Information Security Executive Team adopts standards and procedures to implement this policy.
    3. All personnel are required to maintain information security policies in accordance with relevant security management procedures.
    4. It is the responsibility of all personnel to report information security incidents and any identified vulnerabilities.
    5. Any behavior that endangers information security will be investigated for civil, criminal and administrative liabilities or punished in accordance with the relevant regulations of the company.
    6. The information security policy shall be communicated to internal and external personnel, and may be communicated through internal announcements, meetings, education and training, etc.
  6. Censor
    1. This policy shall be reviewed at least once a year to reflect the latest developments in government laws and regulations, technology and business, so as to ensure the company's sustainable operation and information security practical capabilities.
  7. Implement
    1. The information security policy is reviewed in conjunction with the management review meeting.
    2. This Policy shall be reviewed by the Information Security Committee and approved by the convener for implementation, and the same shall apply when it is revised.
您好,您的瀏覽器版本太舊囉!

為了更好的體驗,請把瀏覽器更新為最新版本!

chrome 下載
Firefox 下載
Opera 下載
IE 下載

×

- 意林行銷 -