About Us

Home / About Us / Corporate Policy

Information Security Policy

Vision

Become a partner with commercial integrative capability within the Group and one of the key promoters of achieving business goals.

Purpose

Taiflex Scientific Co., Ltd. (hereinafter “the Company”) establishes the Information Security Policy to strengthen information security management and ensure the confidentiality, integrity and availability of the Company's information assets in order to provide an information environment for information operation continuity and achieve the goal of business continuity. The policy complies with the relevant regulation requirements and prevent the deliberate or accidental threats from inside or outside of the Company.

Scope

Information security management covers 14 management items to avoid improper use, leakage, tampering, and destruction of information due to human negligence, deliberate or natural disasters and other factors, which may bring various possible risks and harms to the Company. The management matters are as follows:

  • Information security management policy formulation and evaluation.
  • Information security organizations.
  • Human resources security.
  • Information asset management.
  • Access control security.
  • Password security.
  • Physical and environment security.
  • Job management.
  • Communication security.
  • Information system acquisition, development and maintenance.
  • Supplier and outsourcing relationship management.
  • Information security incident response and handling.
  • Continuous operation management.
  • Compliance with relevant regulations and policies.

Target

In accordance with the Company's Information security policy, the goals are formulated under the consideration for the applicable requirements of Information security regulations, the risk assessment, and the results of risk handling. The Information security goals are as follows:

  • Protect the Company's key business information from unauthorized access.
  • Maintain continuous operation of the core information system to ensure that the Company has an information environment for business continuity.
  • Organize information security education and training, promote staff awareness, and enhance their knowledge on related responsibilities.
  • Implement internal and external audit systems for information security.

Certification

The Company's information security management is based on the Trade Secret Management Policy formulated by the Intangible Assets Security Committee which was established in 2015. Circular reviews, inspections and tracking are conducted periodically pursuant to the quality system under ISO27001 with relevant risk management measures implemented. To reinforce the Company information security risk management, Taiflex has obtained ISO27001 Information Security Management certification for eight consecutive years, and the validity period of current certification is from November 2022 to October 2025.

The Company has submitted and reported the related information security management measures, including information security risk management framework, information security policy, and information security management plan to the Board of Directors meeting on October 30, 2024.