Information Security Management Policy

Information Security Management Policy : 人人做資安 資通保平安

In order to strengthen information security management and maintain the confidentiality, integrity and availability of the company’s important information systems, the company has formulated a number of information security regulations and systems to regulate the information security behavior of company personnel. The company regularly reviews the relevant systems every year to see if they are in line with changes in the operating environment, and makes timely adjustments as needed to establish a safe and reliable technology industry.

The company completed the establishment of a dedicated information security unit, the Information Security Management Department, in July 2023, and set up a dedicated information security supervisor and personnel.

The company’s most recent board of directors report on the implementation of information security risk management was on November 14, 2023.
The company obtained ISO-27001 certification on June 13, 2023.

Eight Standards for Information Security Management

  1. Program and data access and control operations
  2. Data input and output control operations
  3. Data processing control operations
  4. Security control operations of files and equipment
  5. Purchase, use and maintenance control of hardware and system software
  6. System recovery plan and test program control operations
  7. Control operations of information security inspection
  8. Control of public information

Information Security Management Framework

Information security incident reporting process

ESG Risk Evaluations

Ennoconn evaluates risks of related issues in environment, society, and corporate governance according to the significance priciple of CSR, and formulates risk management policies or strategies for assessed risks as follows.

Key MattersRisk Evaluation ItemsPolicies or Strategies of Risk Management
Environment

Environment protection and Ecological conservation
Ennoconn devotes itself to environment protection, formulates waste management methods, and effectively reduces the impact of daily operations on the environment through PDCA management control,

Ennoconn implements energy-saving and carbon-reducing measures to reduce the impact of disposing waste on the earth environment through resource recycle and the pomotion of green action in general affairs.

SocietyLabor and Occupational safety
Ennoconn cares about every working partner, formulates "Occupational safety and health policy", "Safety commitment ", "Occupational safety and health work rules" and handles four major occupational safety plans "Maternal protection plan", "Human-induced hazard prevention plan ", "Abnormal workload prevention plan ", "Unlawful infringement in the workplace prevention plan". To maintain workplace safety and health, and ensure the safety of employees' lives and property and the safety of the environment.
Ennoconn will continue to strengthen the ability of employees to recognize hazards in the office area and factory area and advocate to create a safe workplace culture, so that every employee can work safely in a safe workplace.
We care about the health of our employees and cooperate with the health examination center. Employees have to regularly arrange time for health examination every year.
SocietyClient rights and Product safety With regard to the client rights, Ennoconn provides product liability insurance for products sold to protect client rights. We also setup a communication channel on our website to communicate with stakeholders directly.
Corporate Governance ComplianceEnnoconn has set up a corporate governance unit to regularly review and revise corporate governance code as well as related measures. We even set up management procedures for preventing insider transactions to standardize internal procedures of significant confidential information. Besides, we strengthens advocation of the restriction of using undisclosed information on market to profit from trading the company's securities. Related measures are implemented by internal control system.
Document NameDocument Link
Ennoconn IT Security Risk Management
PDF Icon