Establish an Emergency Response Management System : Develop business continuity management mechanisms to address risks that may disrupt operations, such as major disasters, accidents, or pandemics.
Establish backup and contingency mechanisms, such as IT disaster recovery, remote/offsite working arrangements, diversified suppliers, and a job backup (deputy) system.
Confidentiality / Personal Data Protection
We require the signing of confidentiality agreements. The scope of information protection covers internal employees and external stakeholders (including customers, suppliers, consultants, and partners), as well as the security of operational information systems and related hardware and software equipment, ensuring protection for employees, customers, and suppliers.
Comply with the Personal Data Protection Act to ensure the legality and confidentiality of personal data usage.
Sensitive Data Management and Control
Set system access permissions
Implement physical security controls, such as access control systems, locking file cabinets, and securing file storage rooms.
When data is disposed of, destruction procedures are implemented, such as shredding with a shredder, outsourcing secure destruction (e.g., pulping or crushing), and hard drive formatting.
Conduct regular information security training sessions for employees to safeguard the security and rights of the company and its customers.
For more information, please feel free to contact us
