Cyber security management

The company is led by an Information Security Officer and an Information Security Specialist, who are responsible for planning, executing, and analyzing information security-related issues.

The consolidated company has strengthened the information security awareness among the Company’s employees to enhance data protection and equipment use security. Through the establishment of relevant information security management measures and risk assessments, the main response measures are as follows:

1. The cyber security inspection control operation is stipulated in the information cycle of the Company’s internal control system as the basis for employees’ compliance. At the same time, the effectiveness of the internal control system is evaluated from time to time to ensure the effectiveness of information security practices.
2. The auditors audit the Company’s information security management to understand the information security operation status, and evaluate whether the improvement of various risk control and abnormal matters is accurate, in order to reduce and avoid related information security risks.
3. Strengthen the promotion of the concept of information security to employees, improve employees’ awareness of preventing malicious attacks by external units, and reduce risks caused by operating habits to provide security for the Company’s daily operational management.
4. To ensure the protection and confidentiality of data, procedures and data access shall be subject to appropriate approval and authorization to prevent the risk of leakage of confidential data.
5. The consolidated company continues to implement information security protection and establish various protective measures, including firewalls, email anti-virus, spam filtering and other information security-related protection systems, in order to improve the security of the overall information environment.