Information Security

Faced with various information security threats nowadays, CTCI has adopted ISO 27001 standards for information risk management since 2014, and is committed to reduce the likelihood and impact from security risks as well as improve the company's ability to carry on business operations. An information security promotion committee was also established, with the President serving as the chairman of the committee.
▼ CTCI Information Security Policy

▼ Information Security Team-Information Security Promotion Committee

▼ Four Major Goals of the CTCI Information Security Policy

Information Security Risk Assessments

Through the annual information security risk assessments, CTCI has analyzed the possible threats and weaknesses, which include:

Investments and Trainings on Information Security

CTCI continues to invest resources in information security every year, including strengthening information security facilities, improving security management systems, and providing education and trainings, and among others. They are fully implemented in terms of management to technical aspects, so as to boost overall information security.

For the Advanced Persistent Threat (APT) that has prevailed in recent years, CTCI has adopted the following control measures to reduce the possibility and impact of risks.

▼ Information Security Management Outcomes

▼ Risk occurrence of social engineering drillsover the past three years