The company completed the formulation of the “Information Security Policy and Management Plan” in 2023, which has been disclosed in the important regulations on the company’s official website. Its purpose is to protect the security of the company’s information equipment, systems and network communications, and effectively reduce the risk of human errors and external threats. Threats or natural disasters may lead to unauthorized access, use, control, leakage, destruction, tampering, destruction or other infringement of information assets. Strengthen information security management to ensure the confidentiality, integrity and Availability to maintain an operating environment where the company’s continued operations are free from information security hazards and free from internal and external intentional or accidental threats.
The establishment and promotion of the information security system is divided into responsibilities among three people in the management department. Crisis prevention measures and management are adopted in response to external threats, authority management, access control, system availability, etc.; at the same time, NewSoft International Technology Co., Ltd. is appointed The company regularly assists in the implementation of information security assessments. Projects include: computer system testing, computer maintenance and system reorganization, server maintenance, firewall management, network problem maintenance, anti-virus processing, data backup management and settings, etc. to avoid company information security occurrence of risks.
In order to establish the information security concept of company colleagues and avoid being attacked by hackers, phishing, piracy, copyright infringement issues and malware, teaching materials are formulated to conduct regular information security propaganda and employee security education training for all employees every year. The audit office discusses risks Information security inspections are regularly audited every year, and announcements and promotions are made by email from time to time. In order to implement the information security environment and technical regulations, in line with the belief that everyone is responsible for information security, the company requires all employees to comply with various information security regulations. Regarding policies, procedures and operations, this year’s safety promotion training for all employees was completed on August 31 and December 15, 2023 respectively.