Enforcement of Information Security and Enhancement of Information Services
The Information Security Management System (ISMS) is implemented by all employees, and all information and communication operations should ensure the confidentiality, integrity, and usability of operating data from risks such as leakage, destruction, or loss due to external threats or improper management by internal personnel, and select appropriate protection measures to reduce the risks to an acceptable level, as well as continuously monitor, review, and audit to strengthen information services and enhance service standards. We will select appropriate protection measures to minimize the risk to an acceptable level, and conduct continuous monitoring, review and auditing to strengthen information services and improve service standards.
Enhance Information Security Training and Prepare for Notification and Response
We supervise all employees in the implementation of information security management and conduct appropriate information security education and training every year to establish the concept of “information security is everyone’s responsibility” and encourage employees to understand the importance of information security and comply with the information security regulations in order to improve the information security management. To improve the information and communication safety notification and response capability of all employees, to reduce the risk of information and communication safety, and to achieve the goal of sustainable operation.
Prompt Disaster Recovery to Ensure Continuity of Operations
We have formulated emergency response and disaster recovery plans for our critical business and important information assets, and regularly conduct various emergency response planning and drills to ensure that we can quickly recover from the failure of our core information and communications systems or the occurrence of a major disaster, so as to ensure the continuity of our critical business operations and minimize losses.