1. Objectives

By appropriately handling information assets, ensure the security and trust of customers and employees.

2. Scope of application

All organizations and all employees, including all officers of the Company
All information assets provided by the customers and all information assets of the Company

3. Initiatives for information security

Appoint a person responsible for information security management (ISMS manager)
Prepare information security rules and inform them to employees, and conduct educational and awareness activities
Conduct risk assessments in order to ensure the confidentiality, completeness, and availability of the information assets, as well as strive to implement, monitor, review and improve the security measures
Conduct audits to confirm the status of compliance with the information security rules
Review the rules and measures in response to revisions to the laws, changes in technology and new threats, and keep the rules and measures up-to-date and maintain compliance with them

End of text