Information Security Management
I.Organizational structure of information security
II.Information Security Management Policy
Purpose: To strengthen information security management, Promate Electronic Co., Ltd. establishes safe and reliable electronic communications that ensure data confidentiality, system integrity and process management, in addition to equipment and network security. This avoids unnecessary operational losses caused by information security failures so as to ensure the purpose of continuous business operations. Please see “Management Practices for Information and Network Security”.
III.Information Security Management Measures
| Type | Relevant Operations |
|---|---|
| Access Management | 1.Review of personnel account access management 2.Regular inventory of personnel accounts 3.Strengthen employees’ awareness of information security and information security education and training |
| Control and Management on System Access | 1.Management measures of personnel access to internal/external systems and data transmission 2.Separating the internal/external network with a firewall 3.Remote access management measures |
| External Threats | 1.Program for computer virus protection and regular virus pattern updates 2.Regular vulnerability scans 3.If the information system is infected by a virus, security vulnerabilities and exploits shall be protected 4.E-Mail security, Spam mail filtering mechanism |
| Availability | 1.Network and system usage status monitoring and reporting mechanism 2.Contingency measures when information services are interrupted 3.Ensure the implementation of daily backup/remote backup mechanisms and store them in a secure location 4.Data leakage prevention mechanism to ensure data confidentiality 5.Regular disaster recovery drills so that the computer systems and business can quickly resume to normal operations after a disaster occurs |
IV.Implementation status
The Company takes current events as cyber security promotion at regular intervals, and organizes 8 times of educational training in 2022, totally 496.5 hours, to enhance its staffs’ watchfulness for cyber security.