Information security policy prospect: Increase the personnel acknowledgement. Avoid information security incident、Implement on daily operations、Ensure the service availability
1. Hold training sessions for information security and educate employees on information security and corresponding responsibilities.
2. Protect Innolux operational information and avoid unauthorized access and modifications to guarantee information integrity.
3. Audit internally on a regular basis to ensure all relevant operations implemented.
4. Ensure the major core system of Innolux maintains the system availability with certain standards.
Security department conduct and implement the company information security policy, publicize information security information, enhance the staff's knowledge of information security, and regularly report information security results to the chief information security officer, general manager and chairman of the board. The Chief Information Security Officer reports information security governance matters to the Board of Directors in the fourth quarter of each year. Check the effectiveness of internal control of company information, and setup a framework for "proactive information security and prevention" in order to ensure the confidentiality, integrity and availability of information. Reduce the risk of unauthorized use, breach or disclosure of information.
1. Information security governance:
ISO27001、TISAX AL3 certificate, implement information security policy management, data security rules and regulations control, and continue to make changes to protect the company's important systems and
data security.
2. Risk improvement:
Regularly perform information security audit operations, ensure that information is safely implemented, introduce external information security solutions, and improve internal information maintenance procedures.
3. Risk control:
The insurance policy can protect the company from all kinds of losses and damages to the minimum.
4. Information Security promotion:
Promote Innolux information security month activities and regularly conduct information security education training and drills to enhance employees' information security awareness.
5. Cyber Intelligence Collection
To be the first case to join FIRST, the international information security organization, in the technology industry. To cooperate with TWCERT and SP-ISAC for information security intelligence exchange and Information security personnel training.
Download ISO 27001