Information Security Risk Management
The company established an "Information Security Committee" on December 22, 2021 and formulated an information security policy. It performs relevant preventive operations based on the information security control measures of the information security policy, and holds regular meetings every year to review the company's information security policy and implementation results. An Information Security Committee meeting will be held on December 26, 2023, to discuss information security such as CMMC assessment, ERP issue tracking, ransomware poisoning prevention measures, anti-virus software updates, system backup, disabling flash drive assessment, vulnerability scanning response measures, etc. for the year The project implementation status was reviewed and no incidents that endangered information security occurred during the year, and it was reported to the board of directors on January 22, 2024.
Information security is an important issue in the company's operations. The resource plans and resources invested in response to information security management matters are as follows:
●Dedicated manpower: On November 6, 2023, the board of directors decided to set up a dedicated information security supervisor and an information security personnel each to be responsible for the company's information security planning, technology introduction and related audit matters to maintain and continuously strengthen information security.
●Customer satisfaction: There are no customer complaints that endanger information security.
●Information Security Announcement: Prepare information security related announcements and e-mails to convey important regulations and precautions for information security protection.
■ Information Security Policy |
|
