- Audit Committee
- Remuneration Committee
- Ethical Corporate Management Committee
- Information Security & Personal Data Protection Committee
- Corporate Sustainability Committee
Information Security & Personal Data Protection Committee
Information Security & Personal Data Protection Committee
In order to improve the information security and personal information management of the group, the company established the "Information Security & Personal Data Protection Committee", which is responsible for formulating internal information security policies, planning and implementing information security, personal information management operations, and promoting and implementing information security policies. Report executive results to the Board of Directors annually.
Our Information Security Policy Vision:
Strengthen employees' information security awareness, avoid information security incidents, implement daily continuous operations, and ensure service availability.
Organization
Information Security & Personal Data Protection Committee Information
The Information Security & Personal Data Protection Committee Information is chaired by CEO Donald Hsiao, deputy S&M general manager Tim Tsao is the vice chairman, and manager Sheng Te Chen is responsible for coordinating information security and personal data and other related matters.
Operating situation
The Information Security & Personal Data Protection Committee is the responsible unit of the company's information security, which regularly reports the implementation of the company's information security governance to the board of directors. The latest report date is December 8, 2023, and the content is as follows:
Project | Information Security and Personal Data Policy and Preventive Measures | Group execution results |
---|---|---|
1 | Maintenance of information security and personal data policies and procedures | The company complies with the relevant laws and regulations to formulate the following measures to comply with internal information security and personal information management operations.
|
2 | Disaster Recovery Plan Execution | Assess the impact of various man-made and natural disasters on the company's information assets, and formulate disaster recovery plans and test execution; regular 1-2 maintenance of power and motors in the computer room to ensure the continuous operation of the company's business. |
3 | Establishment of software and hardware equipment for information security protection | Equipped with firewall, anti-virus software, anti-spam anti-blocking system, restricting the use of internal network, etc. |
4 | Information Security and Personal Data Promotion | In the company's quarterly meetings, information security and personal data policies, use of legal software, etc. are promoted to enhance the awareness of various business departments and personnel. |
5 | Status of Virus Ransomware Cases | Sporadic cases of virus extortion have not caused major financial losses to the company through data backup procedures. |