Risk Management

Risk Management
Climate-Related Risk
Infectious Diseases Risk
Information Security Risk

In order to strengthen information security capabilities, SYSTEX has set up the “Crisis Resolution Team” for IS protection, which is responsible for information security risks and supporting the resolution of IS and personal info. incidents. Meanwhile, each business unit that has introduced ISO 27001 has set up an IS Task Force Committee to provide consultancy, technical services and IS training courses, establish an information security risk management framework, and formulate information security policies and specific management plans.

The IS Protection Team holds regular meetings to check whether there has been IS incidents, assess the possible risks and negative impacts to propose improvement plans. SYSTEX conducts risk assessments and related reviews every 6 months. In 2021, no high-risk projects were found through continuous risk assessment. Meanwhile, the mid- and low-risk projects were handed over to the relevant operating units for processing, and were included in the follow-up tracking and reporting operations.

Unit

Responsibility

Crisis Resolution Team for Information Security

  • Develop and implement the rules of IS, IS policy, and related operation actions.

  • Implement IS-related drills and develop corresponding rules.

  • Continuously improve IS defense management control.

Information Security Task Force Committee

  • Establish IS strategy Blueprint of SYSTEX Group and jointly invest in IS-related business with partners.

  • Establish security operations and service of Cyber Center.

  • Assist in the IS defense and protection of SYSTEX Group.

  • Cultivate IS-related technology talents of SYSTEX Group.

For more details, please refer to “Information Security Policy and Management“.