Information Security Risk

Risk Management

Climate-Related Risk

Information Security Risk

Human Rights Risk

Infectious Diseases Risk

In order to strengthen information security capabilities, SYSTEX has set up the “Crisis Resolution Team” for Information Security protection, which is responsible for information security risks and supporting the resolution of Information Security and personal info. incidents. Meanwhile, each business unit that has introduced ISO 27001 has set up an Information Security Task Force Committee to provide consultancy, technical services and Information Security training courses, establish an information security risk management framework, and formulate information security policies and specific management plans. There are 10 members of the Information Security Task Force Committee, including chief of strategy, the division head of IT division, legal division and business units, and other relevant supervisors and employees. The Committee holds a total of meetings in 2022.

The Information Security Protection Team holds regular meetings to check whether there has been Information Security incidents, assess the possible risks and negative impacts to propose improvement plans. SYSTEX conducts risk assessments and related reviews every 6 months. In 2022, no high-risk projects were found through continuous risk assessment. Meanwhile, the mid- and low-risk projects were handed over to the relevant operating units for processing, and were included in the follow-up tracking and reporting operations.

Unit

Responsibility

Crisis Resolution Team for Information Security

  • Develop and implement the rules of IS, IS policy, and related operation actions.

  • Implement IS-related drills and develop corresponding rules.

  • Continuously improve IS defense management control.

Information Security Task Force Committee

  • Establish IS strategy Blueprint of SYSTEX Group and jointly invest in IS-related business with partners.

  • Establish security operations and service of Cyber Center.

  • Assist in the IS defense and protection of SYSTEX Group.

  • Cultivate IS-related technology talents of SYSTEX Group.

For more details, please refer to “Information Security Policy and Management“.