The development of employees has always been the focus of our work, through a wealth of on-the-job full-time training, professional external team customized training, as well as the group regularly arranged a variety of skills exchange and training, coupled with the global online knowledge portal set available at any time, our employees have the opportunity to grow and improve steadily not only in terms of professional experience, but also in the field of management skills, career planning, cross-team cultural collaboration, online and offline integration and other aspects. Team work with like-minded colleagues and partners to achieve common goals for personal development and organizational progress.
Information Security Management Regulation
> Onboard
Information Security
- Legal duties and rights related to the post;
- Responsibilities for the management of assets related to IT system;
- Duties of operating information from other organizations and agencies;
- Security duties in protecting personal information, including confidentiality of personal privacy, not misuse of personal information, etc.;
- Duties outside the office space and outside normal business hours;
- Penalties for information security violations.
Confidentiality Agreement
- Duration of the Confidentiality Agreement;
- The measures to be taken upon termination of the Agreement;
- The duties and conduct of the signatories in order to avoid the leakage of secrets;
- The relationship between confidentiality agreements and intellectual property protection and trade secret protection;
- Measures for archiving or destroying information upon termination of the Agreement;
- Disciplinary measures to be imposed upon violation of the agreement
Measures
- Personnel engaged in key positions are required to sign a working post safety agreement;
- Through education and training activities, ensure that departmental employees and outsiders understand their job IT security roles and responsibilities before taking up their posts;
- Ensure that in the pre-job training for employees, Information security related content such as information security management system and related management system, job information security responsibilities is included
> During the work
Information Security Check
- All Employees should improve their safety awareness, regularly conduct information security inspections of their positions within their department, and ensure that information security regulations are effectively implemented;
- The IT information support department will check the implementation of the job information security responsibilities of each department from time to time to ensure the implementation of the job information security responsibilities of each department.
Handling violations
- The employee shall be punished for any violation found in accordance with the relevant appraisal regulations;
- For violations that are particularly serious, they need to be notified and publicized to all employees.
> Regulations on Information Security Training
The company will carry out information security training from time to time, and the main content of regulations is as follows:
- Conduct safety awareness education, job skills training and related safety technology training;
- Discipline employees for violating safety policies and regulations;
- Conduct training on the basic knowledge of information security, job operating procedures, etc.;
- For those must-participate-regular information security training, each trainee must fill out a sign-in form in written confirmation;
- Training methods should be diversified, including lectures, watching video clips, learning network security materials, etc., in order to continuously improve the awareness of information security precautions;
- After the training, each needs to fill in the feedback and summery, and evaluate then record the training content;
> Regulations on Staff Resignation
- Return the assets
- Access rights reclamation
- Tracking and management of cybersecurity responsibilities
> Procurement and relevant management measures
- Hardware control, procurement and management (including PCs, laptops, printers, networking devices, etc.))
- Software procurement and management
