{"id":3308,"date":"2023-10-29T15:25:05","date_gmt":"2023-10-29T15:25:05","guid":{"rendered":"https:\/\/kway.oskayfc.com\/?page_id=3308"},"modified":"2026-02-05T14:44:32","modified_gmt":"2026-02-05T06:44:32","slug":"esg_iss","status":"publish","type":"page","link":"https:\/\/www.kway.com.tw\/en\/esg_iss\/","title":{"rendered":"ESG_ISS"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t
<\/div>\n\t\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

ESG<\/h2><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Information Security Statement<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Kway Information Co., Ltd. (hereinafter referred to as \u201cthe Company\u201d) has established this Information Security Policy to strengthen information security management and safeguard the Company\u2019s assets\u2014including information, software, hardware, technical services, and personnel\u2014against external threats or improper internal management and use that may result in tampering, disclosure, destruction, or loss.<\/span><\/p>

This policy ensures that the confidentiality, integrity, availability, accountability, and security requirements of the Company\u2019s data, systems, equipment, and network assets are met, and serves as a basis for compliance.<\/span><\/p><\/div>

Information Security Policy Commitments<\/strong><\/div>
  1. Governance Structure \u2013 Establish an Information Security Steering Committee<\/i>, Information Security Implementation Task Force<\/i>, and Information Security Audit Team<\/i> to ensure the effectiveness of the Company\u2019s information security management operations.<\/span><\/li>
  2. Asset Management and Risk Control \u2013 Maintain an inventory of information assets, conduct risk assessments, and implement control measures to effectively mitigate risks that exceed acceptable levels.<\/span><\/li>
  3. Responsibilities and Obligations \u2013 All employees, contractors, outsourced vendors and their subcontractors, as well as visitors, who use the Company\u2019s information resources to provide services or perform related tasks, are responsible for safeguarding the information assets they obtain or use, preventing unauthorized access, tampering, destruction, or improper disclosure.<\/span><\/li>
  4. Business Continuity \u2013 Develop a Business Continuity Plan (BCP), conduct regular drills, and adjust and update the plan continuously in alignment with business development and organizational changes.<\/span><\/li>
  5. Secure IT Environment \u2013 Establish a safe and reliable information system environment to ensure the Company\u2019s sustainable business operations.<\/span><\/li>
  6. Confidentiality of Customer Data \u2013 Treat all customer and member information as business confidential data; personnel handling such information must adhere to their authorized permissions and not exceed them.<\/span><\/li>
  7. Compliance and Awareness \u2013 All Company personnel must comply with legal requirements and the Company\u2019s information security policies. Supervisors are responsible for overseeing policy implementation and reinforcing employees\u2019 awareness of information security and regulatory compliance.<\/span><\/li>
  8. Continuous Improvement \u2013 Information security is the shared responsibility of all personnel. Through ongoing review and improvement, the Company will ensure that its information security framework continues to evolve and strengthen.<\/span><\/li><\/ol>
    Information Security Objectives<\/b><\/strong>
    (1) Core Objectives<\/b>
    The Company is committed to safeguarding the confidentiality, integrity, and availability of its information assets, as well as protecting customer data privacy. Through the joint efforts of all employees, the following objectives are pursued:<\/span><\/div>
    • Protect business information from unauthorized access or modification to ensure its accuracy and integrity.<\/span><\/li>
    • Establish a dedicated information security organization responsible for formulating, promoting, implementing, evaluating, and improving information security management, thereby ensuring a secure environment that supports uninterrupted business operations.<\/span><\/li>
    • Conduct information security education and training to raise employee awareness and reinforce their understanding of related responsibilities.<\/span><\/li>
    • Implement an information security risk assessment mechanism to enhance the effectiveness and timeliness of information security management.<\/span><\/li>
    • Enforce an internal information security audit system to ensure proper implementation of information security management practices.<\/span><\/li>
    • Ensure all business activities comply with applicable laws and regulations.<\/span><\/li><\/ul>
      (2) Measurement and Review<\/b>
      Information security performance indicators shall be measured according to the planned schedule to verify their effectiveness, reviewed and approved during management review meetings, and examined or revised at least once annually.<\/span><\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t\t
      \n\t\t\t
      \n\t\t\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t\t\t

      Specific Management Measures:<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
      \n\t\t\t\t
      \n\t\t\t\t\t
        \n
      • This policy shall be evaluated at least once a year to reflect the latest developments in government regulations, technology, and business operations, ensuring the effectiveness of practical information security measures.\n<\/li>\n\n
      • The policy takes effect upon issuance and shall be communicated in written, electronic, or other appropriate forms to employees, contractors, outsourced vendors, and their subcontractors.<\/li>\n\n
      • All departments must strictly comply with this policy. Any confirmed violation will be handled in accordance with relevant regulations, considering the severity of the incident.<\/li>\n<\/ul><\/h6>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
        \n\t\t\t\t
        \n\t\t\t\t\t

        Implementation Status<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
        \n\t\t\t\t
        \n\t\t\t\t\t\t\t\t\t

        1.\u00a0\u00a0\u00a0Information Security Governance:<\/span><\/p>

        • Appointment of one Information Security Officer and one Information Security Specialist.<\/li>
        • Convening two Information Security Implementation Task Force meetings annually to review and approve security-related policies for submission to top management.<\/li>
        • Annual execution of information security training, phishing simulation exercises, and business impact analysis drills.<\/li>
        • Participation in the Taiwan Computer Emergency Response Team\/Coordination Center (TWCERT\/CC) incident reporting and information sharing mechanism.<\/li><\/ul>

          2.\u00a0\u00a0\u00a0Self-Assessment:
          <\/span><\/p>

          • The 2025 (Year 114) internal self-assessment was completed on June 6, 2025 (Year 114), with a follow-up internal audit scheduled for completion by July 31, 2025.<\/li><\/ul>

            3.\u00a0\u00a0\u00a0Certification:<\/span><\/p>

            • The Company obtained ISO\/IEC 27001:2013 Information Security Management Systems certification on August 26, 2022 (Year 111), valid until August 25, 2025 (Year 114).<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

              ESG Information Security Statement Kway Information Co. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"no-sidebar","site-content-layout":"page-builder","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"disabled","ast-breadcrumbs-content":"","ast-featured-img":"disabled","footer-sml-layout":"","theme-transparent-header-meta":"enabled","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"class_list":["post-3308","page","type-page","status-publish","hentry"],"uagb_featured_image_src":{"full":false,"thumbnail":false,"medium":false,"medium_large":false,"large":false,"1536x1536":false,"2048x2048":false},"uagb_author_info":{"display_name":"kway_en","author_link":"https:\/\/www.kway.com.tw\/en\/author\/kway\/"},"uagb_comment_info":0,"uagb_excerpt":"ESG Information Security Statement Kway Information Co....","_links":{"self":[{"href":"https:\/\/www.kway.com.tw\/en\/wp-json\/wp\/v2\/pages\/3308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kway.com.tw\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.kway.com.tw\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.kway.com.tw\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kway.com.tw\/en\/wp-json\/wp\/v2\/comments?post=3308"}],"version-history":[{"count":52,"href":"https:\/\/www.kway.com.tw\/en\/wp-json\/wp\/v2\/pages\/3308\/revisions"}],"predecessor-version":[{"id":5818,"href":"https:\/\/www.kway.com.tw\/en\/wp-json\/wp\/v2\/pages\/3308\/revisions\/5818"}],"wp:attachment":[{"href":"https:\/\/www.kway.com.tw\/en\/wp-json\/wp\/v2\/media?parent=3308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}