CSRCSR

Information Security

  • Information Security Policy and Objectives

    Our company is firmly committed to protecting the privacy and security of customer and shareholder data. Our information security policy clearly defines our commitment to safeguarding customer information. The company’s information security objectives include ensuring data confidentiality, integrity, and availability, as well as complying with applicable privacy regulations and standards. The company has appointed an information security officer and a dedicated security specialist (a total of two individuals) responsible for overseeing and implementing these policies. As of 2023, eight security meetings have been held.

  • Information Asset Classification and Assessment

    We actively classify and assess information assets to ensure that appropriate protective measures are applied to different categories of information. The sensitivity level of information affects how it is processed and stored, closely aligning with business processes.

  • Information Security Architecture

    Our information security architecture includes key components such as network security, authentication, access control, encryption, security monitoring, and threat detection. These technologies and measures provide comprehensive protection for our information assets. On April 25, 2022, we obtained ISO27001:2013 certification, and we conduct annual verifications to ensure its validity, reflecting the company’s strong commitment to information security.

Image
Image
  1. Risk Management and Compliance

    We actively manage risks through risk assessment and risk response planning to mitigate potential information security risks. The company ensures compliance with regulations such as the Personal Data Protection Act and continuously monitors compliance.

  2. Employee Training and Awareness

    Our company is committed to employee education on information security best practices, providing at least two hours of training annually. In 2023, a total of 90 employees participated in training, achieving a 100% participation rate. Training covers handling sensitive information, password management, and preventing social engineering attacks. Employees are also informed on how to report information security issues.

  3. Security Incident Response

    Our security incident response plan enables us to promptly detect, report, and respond to security incidents. We take proactive measures to prevent future risks, ensure the effectiveness of data backup and recovery mechanisms, and establish transparent reporting protocols for security incidents to safeguard the rights of shareholders and stakeholders. To date, no major cybersecurity incidents have occurred.

  4. Partner and Supplier Management

    Managing relationships with partners and suppliers is part of our information security strategy, especially regarding data sharing and processing. We conduct regular third-party risk assessments to ensure data protection.

  5. Performance Measurement and Metrics

    We utilize various performance metrics to evaluate our information security policies, including security incident rate, employee training participation rate, and security vulnerability remediation time. This data helps us continuously improve our security measures.

  6. Annual Information Security Review

    Each year, we conduct an annual information security review to assess the effectiveness of our security policies and practices and ensure alignment with the latest standards. This review allows us to evaluate the efficacy of our security architecture.

  7. Future Development and Trends

We will continue to closely monitor future developments and trends in information security, adjusting our strategies to address emerging threats and challenges. We are also committed to actively participating in industry compliance initiatives.

Contact us

M-Power Information Co., Ltd.

FAX:886_2_27313636

12F., No. 85, Sec. 4, Ren'ai Rd., Da'an Dist., Taipei City 10688, Taiwan (R.O.C.)

marketing@mpinfo.com.tw

Image

12F., No. 85, Sec. 4, Ren'ai Rd., Da'an Dist., Taipei City 10688, Taiwan (R.O.C.)
Tel: +886-2-2731-6868
Fax: +886-2-2731-3636

Image
Image