Vision and Goals
1. Information Security Policy: To enhance information security management, ensuring the confidentiality, integrity, and availability of associated information and information assets. This aims to provide an information environment that supports the continuous operation of the company’s information business and complies with relevant regulatory requirements, safeguarding against intentional or accidental threats from both internal and external sources.
2. Information Security Objectives:
1. To conduct information security education and training, prompting awareness of information security among personnel and enhancing their understanding of related responsibilities.
2. To protect the information related to the Company’s business activities, preventing unauthorized access and modification, and ensuring its accuracy and completeness.
3. To ensure that the execution of the Company’s business activities complies with relevant legal and regulatory requirements.
4. To implement an information security risk assessment mechanism, enhancing the effectiveness and timeliness of information security management.
5. To conduct regular internal audits of information security operations, ensuring that related activities are properly implemented.
6. To maintain the continuous operation of information systems, ensuring that the Company has an information environment suitable for ongoing business operations.
An annual action plan should be developed based on the above information security objectives, detailing the required resources, responsible personnel, estimated completion time, and methods for evaluating results and assessment outcomes. Relevant monitoring and measurement activities should be conducted in accordance with the Company’s “ Control Implementation Effectiveness Measurement Form”.