About us

Information Security Management Policy

The purpose of this policy is to provide clear guidelines for employees in their daily work. All employees are obligated to actively participate in the promotion and implementation of the Information Security Management Policy to ensure the secure and stable operation of all personnel, data, information systems, equipment, and networks within the Company. It is expected that all employees will understand, implement, and maintain the policy to achieve the goal of continuous information operations. For regulations regarding the use of general information equipment and various network services, please refer to the “General Information Equipment Security Management Standard Operating Procedures.”

 

  • “Implement information security to enhance service quality.”
  • “Strengthen information security training to ensure continuous operations.”
  • “Improve emergency response and enable rapid disaster recovery.”

 

All employees shall fully implement information security management. All information-related operational measures must ensure the confidentiality, integrity, and availability of business data, preventing risks such as leakage, damage, or loss caused by external threats or improper internal management. Appropriate protective measures shall be selected to reduce risks to an acceptable level. Continuous monitoring, review, and auditing of the information security management system shall be conducted to strengthen service quality and enhance service standards.

 

Information security certification

In January 2026, our company officially obtained ISO/IEC 27001:2022 Information Security Management System (ISMS) certification. Based on international standards, we have built and continuously improved our information security management architecture. Through systematic risk assessment and control mechanisms, we ensure the "confidentiality", "integrity" and "availability" of information assets, so as to effectively protect the data security of our customers and partners.

Scope:

Server room,network system services,file servers,accounting system maintenance and management,and office environment management.