BON-FAME CO., LTD.

LANGUAGE EN
Investor Area

Investor Relations

其他分類選單

Information Security Policies

1. Objectives

To strengthen the information security management of BONFAME CO., LTD (hereinafter referred to as “our company”), and assure the confidentiality, integrity, and availability of all assets and information, meet the requirements of relevant laws and regulations, protect them from deliberate or unexpected internal and external threats, the policy is therefore established.

2. Scope of application

(1)The scope of application of this policy covers all employees of our company, outsourced companies, and visitors, etc.

(2)The scope of information security management covers the following areas, to prevent any possible risk and danger from improper use, leak, tampering, and destruction of information due to human errors, deliberate damage or natural disasters, etc. The management items are as follows:

a. Establishment and evaluation of information security policies.

b. Establishment and operation of the information security organization.

c. Classification, rating, and control of information assets.

d. Management of information security risks.

e. Personnel security management and education and training.

f. Physical and environmental security.

g. Communication and operation security management.

h. Access control security.

i. Compliance of unit policies to relevant legal regulations.

  • 3. Goals

    To assure the confidentiality, integrity, and availability of our company's assets, and protect the security of user data privacy. All employees of our company make efforts together to achieve the following goals:

    (1)Protect the security of information of our company's R&D, business, production, and services, and assure that the information can only be accessed by authorized personnel to protect its confidentiality.

    (2)Protect the security of information of our company's R&D, business, production, and services, and prevent unauthorized modification to ensure accuracy and integrity.

    (3)Ensure that the implementation of all our company's operations and services comply with the requirements of relevant laws and regulations.