Information Security Risk Management
The company established an "Information Security Committee" on December 22, 2021 and formulated an information security policy. It performs relevant preventive operations based on the information security control measures of the information security policy, and holds regular meetings every year to review the company's information security policy and implementation results. An Information Security Committee meeting will be held on December 10, 2024 to review the implementation of information security projects such as the CMMC assessment of the year, pre-assessment of software and hardware purchases, regulations prohibiting bringing personal computers to the company for use, gradual upgrades of personal computers and illegal installation and downloading of software. for the year The project implementation status was reviewed and no incidents that endangered information security occurred during the year, and it was reported to the board of directors on January 7, 2025.
Information security is an important issue in the company's operations. The resource plans and resources invested in response to information security management matters are as follows:
●Dedicated manpower: On November 6, 2023, the board of directors decided to set up a dedicated information security supervisor and an information security personnel each to be responsible for the company's information security planning, technology introduction and related audit matters to maintain and continuously strengthen information security.
(The information security supervisor will obtain the CMMC professional certification certificate in June 2024)
●Customer satisfaction: There are no customer complaints that endanger information security.
●Information Security Announcement: Prepare information security related announcements and e-mails to convey important regulations and precautions for information security protection.
■ Information Security Policy |
|
