IT Security

The Structure of IT Security Risk Management

  • The structure of IT security risk is belong to the company’s Risk Management Committee.
  • IT Security Implantation Team is established with one leader of The Chief of Information Technology Officer and several professional IT staff. The main duties are planning and executing internal IT Security policy as well as reporting the process of IT governance to Risk Management Committee.
  • IT Security Audit Team is established with one leader of audit manager and several auditors. The main duties are supervising the conditions of internal IT Security as well as instituting improvement strategy for decreasing internal IT Security risks.

The Policy of IT Security

The scope of information security at T3EX Group encompasses employees, clients, suppliers, and shareholders and all IT software and hardware associated with its business activities. All information security standards and regulations are based on technical support and establishment of applications and data security standards. The standards and regulations are made part of the management system in order to protect the privacy of T3EX Group's employees, suppliers, and clients and maintain information security while the above parties discuss business matters. An information security monitoring system has been implemented to perform vulnerability scanning and prevent external hacker attacks and internal confidential information leakage. IT hardware/software control applies to the establishment of an information security network that includes the Internet and personal IT equipment, such as desktop computers, notebooks, tablets, and smartphones. The control measures are intended to ensure personal information, internal confidential information, and client and supplier information are effectively protected.

In addition, Annual information security training is also provided afterward. T3EX Group provides ongoing training as means to raise awareness of information security in the workplace and incorporate the elements into the processes in order to achieve the most secure and rigorous information protection. Due to the mechanism for the information security management and privacy being effectively implemented, we have not had any major information security incidents, nor have we been punished by authorities for information security issues.

The Plan of IT Security Management

  1. The Importance of System ID Risk Management: The creating, using, and deleting of System and email account ID should be applied as well as authorized for risk management purpose.
  2. The Importance of IT Equipment Risk Management: Keep IT equipment operating by increasing back-up servers, maintaining uninterruptible power system, or stabling IT equipment.
  3. Outside Threat: Increasing protections of company’s internet and operation systems to decrease hacker attacking risks.
  4. Strengthen Staff’s IT Security Awareness: Enhance the execution of Staff’s IT security regulation to avoid the leakage of internal secret information.