◆ICT Security Management Strategies and Structures
Type of Risk
Details of Risk
Information Security Management
The enterprise's information assets may be subject to unacceptable risks and the confidentiality, completely and availability of the information cannot be ensured, including the fact that unauthorized persons can still access the information, and the information content and information processing methods cannot be ensured to be correct and complete, uthorized users are unable to immediately access information and use related assets when needed, resulting in possible losses.
**Note: The mobile version can be read by sliding left and right.
General Affair office serves as the dedicated unit for "information security and security". The general affair office iresponsibles for assisting the board of directors and management in planning and supervising the execution and prevention plans to ensure the implementation of information security. This General Affair Office is scheduled to report in December every year. The most recent report was Dec.19, 2023 to the Board of Directors.
◆IT Security Management Policies
Following 4 items are guidanaces to make sure HQs and overseas locations upon Information Technology&Security policies.
1.Establish information security management specifications that comply with regulations and customer needs
2.Have a consensus that everyone is responsible for information security through awareness among all employees
3.Protect the confidentiality, integrity and availability of company and customer information
4.Provide a production Information Technology environment safely, aiming at the three major information security protection axes of "anti-virus", "anti-hacking" and "anti-leakage", and establish firewalls, intrusion detection, anti-virus systems and many internal control systems to improve the company's ability to defend against external attacks and the ability to ensure the protection of internal confidential information
Plan to implement the Information Security Management System (ISMS) in the end of 2024 to reduce corporate information security threats from the system, technical and program levels, establish an information security protection environment that meets customer needs, and continue to carry out PDCA (Plan-Do-Check-Act) cycle for continuous improvement.
◆IT Security Managememnt Solutions
In order to achieve information security policies and goals and establish comprehensive information security protection, the management matters and specific management plans implemented are as follows:
1.Enhance Information Technologht&Security protection ability.
2.Enhance Network. end points and safe applications.
3.Compliance with laws.
4.Training.
◆Input resources to enhance IT Security Management
Information security has become an important issue in company operations.The corresponding information security management matters and resource input plans are as follows:
1.Training.
2.Information Security Bulletin Notice
◆Information security risks and countermeasures
Avertronics (AVIN) is committed to establishing comprehensive network and computer-related information security protection measures, and implementing and strengthening the information security awareness of all employees.