Information and Communication Security Policy, Organization and Objectives
Zhen Ding established the " Policy for Information Security Management " based on the three principles of information and communication security management: "Confidentiality, Integrity, and Accessibility"
In 2021, Zhen Ding formally established the Information Security Committee, with management executives as members, and set up the Chief Information Security Officer (CISO) to be responsible for supervising information security management. Meetings are held quarterly to formulate and review information security management goals, policies and procedures.
We has an Information Technology Department responsible for the construction of information-related software and hardware systems. In order to effectively promote the implementation of information security management policies, We has set up a full-time Information Security Department unit, with the Chief Information Security Officer (CISO) as the highest supervisor of the information security department. The department has set up an information security management team, an information security operation and maintenance team, an information security technology team, and an information security audit team, which are staffed by full-time personnel from the Information Security Department. In addition, an Information Security Task Force has been set up, with representatives appointed by each division. As an executive member, he is responsible for the dissemination and implementation of information and communications security policies to ensure the continued sound operation of the company's business.
Zhen Ding introduced the ISO 27001 information and communication management system in 2020 and continues to maintain ISO 27001 certification. The certificate is currently valid until 8 May, 2026. Through the introduction of the ISO27001 information and communication security management system, the ability to respond to information and communication security incidents is strengthened, and the assets of the company and customers are protected. The company officially joined the TWCERT Information Security Alliance on 13 December, 2022, effectively strengthening information sharing with domestic and foreign information security organizations and improving the ability to report information security incidents.
Zhen Ding has set three key management objectives for information security to protect the security of company and customer trade secrets, manage data in a hierarchical manner, properly review and optimize the management measures for company products and customer information, set up a special security zone for customer secrets, and control access to networks, computers and personnel with authorization.
1. Information Equipment Security Management
2. Network and Anti-Virus Management
3. Personnel InfoSec Education and Training
Between 2022 and 2024, Zhen Ding has not violated any information and communication security-related laws and regulations, and has not experienced any information and communication security incidents or complaints from customers for violation of their privacy or losing their data:
Total number of information security/cyber security incidents: 0
Number of information security incidents affecting customers’ personal data: 0
Total number of customers affected by information security incidents: 0
Total amount of fines related to information security/cyber security incidents: 0
