公司:
中國信託商業銀行股務代理部
電話:
We use cookies to improve your user experience and for web traffic statistics purposes. By continuing to use this website, you agree to our use of cookies. Our Privacy & Cookie Policy contains more information on such use and explains how to disable cookies.
Information Security
To conform with standard information security system framework of ISO27001, VisEra has built a sound system not only to promote information security but also to protect and maintain customer's design and related information. VisEra improves continuously to meet the objectives of following information security policy requirements.
  1. To establish and implement Information Security Management System.
  2. To comply with Information security requirements of contract and policy.
  3. Risk assessment for objectives setting and control measurement to continue improving information security.
  4. To guide the information security requirements to employees and relevant parties.
Information Security Committee
In order to maintain the company's competitiveness and reduce the risk of business interruption, ensure that the information system meets the requirements of confidentiality, integrity and availability, strengthen employees' awareness of information security, and establish an "Information Security Committee" to implement and promote information security management operations.
           information security committee
 
Information Security Risk Management Practice
  • Designate Chief Information Security Officer and information security team to be responsible for promoting, coordinating, supervising and reviewing information security management matters, establishing information security incident notification and response organizations, identifying information security risks and implementing information security risk improvement measures.
  • Since 2011, established information security management specifications that comply with the ISO 27001 standard, and has passed the certification and audit of a third-party audit company, and re-certificated annually in accordance with the ISO 27001 standard.
  • Implement and improve information security protection measures for DMZ (hosts that provide external services), office areas, data centers, production lines, cloud services, etc., and formulate KPIs and daily monitoring mechanisms for relevant control measures.
  • Participate in information security information sharing organizations to obtain information security warning information, information security threats and vulnerabilities.
  • Regular information security education and training, and phishing mail drills to enhance information security awareness.
ISO27001 Standard PDCA Model
pic
ISO27001