top of page

SECURITY POLICY

Leave a Comment / Uncategorized


Information Security Policy

  1. Basic Policy
    Customer and company information assets are vital resources for our company. It is extremely important to protect these assets from various security threats. Therefore, all personnel engaged in business operations at our company shall comply with the information security policy established to protect information assets, and by handling these assets accurately and securely, we will protect customer information and live up to their trust.

  2. Purpose of the Information Security Policy
    From the perspectives of confidentiality, integrity, and availability, this policy sets standards for the proper use of information assets and operational regulations. It also establishes specific rules such as setting objectives to prevent unauthorized access, loss, destruction, alteration, and leakage of information assets, risk assessment methods, and codes of conduct.

  3. Organizational Activities
    To embody the basic policy, the following activities are carried out:

  • All officers and personnel engaged in business at the company shall comply with the information security policy, relevant laws, regulations, and contractual obligations.

  • An Information Security Management Officer shall be appointed and granted the responsibility and authority to implement and operate the information security policy, and to develop an environment for establishing and maintaining the Information Security Management System (ISMS).

  • An Information Security Audit Officer shall be appointed to conduct information security audits, and based on the results, revise the policy and improve operations.

  • We will request cooperation from associated companies and individuals to achieve the objectives of the information security policy.

  • This basic policy will be published on our internet homepage and made accessible at all times.

  • The information security policy shall be continuously improved.

  1. Individual Policies on Information Security

Mobile Device Policy

  • Security measures will be implemented on mobile devices.

Access Control Policy

  • Appropriate settings for access rights will be implemented.

Policy for Use of Encryption Controls

  • Appropriate encryption technologies will be applied.

Clear Desk and Clear Screen Policy

  • Clear desk and clear screen practices will be implemented.

Policy and Procedures for Information Transfer

  • Procedures and controls will be established and implemented to protect information transfers.

Information Security Policy for Supplier Relationships

  • Confidentiality agreements will be concluded.

Let me know if you’d like to have this published format-ready or translated into another language.

bottom of page