Information Security Policy Statement
In order to enable the company's ISMS (Information Security Management System) to implement, effectively operate, supervise and manage, continue to maintain the confidentiality, replacement and availability of the its important information systems, we have specially developed information security management policies.
The objective of this Information Security Policy Statement is to provide clear guidelines for colleagues in daily work.
All colleagues are duty bound to actively participate in the promotion of ISMS to ensure the safety on its employees, data, information system, equipment and networks.
YPRO hopes that all colleagues can understand, implement and maintain to achieve continuous operation of information.
Implementing information security and strengthening service quality;
Strengthen information security training to ensure continuous operation;
Taking emergency response and quickly recovering from the disaster.
Implementing information security and strengthening service quality.
•ISMS is implemented by all colleagues.
•All measures related to information operations should ensure the confidentiality, overlap and substitution of business information to avoid risks of leakage, destruction or loss caused by external threats or improper management of internal personnel.
•Choosing appropriate protection measures to reduce the acceptable risk.
•Continued monitoring, reviewing and auditing the work of information security management system.
•Strengthening service quality and improve service standards.
Strengthen information security training to ensure continuous operation.
•Supervising the implementing information security management work by all colleagues.
•Providing appropriate information security education and training for employees every year.
•Establishing the concept of "Information security is everyone's responsibility" to encourage colleagues to understand the importance of information security.
•Not only encouraging colleagues to comply with information security regulations, but also improving information security intelligence and emergency response capabilities.
•Reducing information security risks and achieving the goal of continuous operation.
Taking emergency response and quickly recovering from the disaster.
•Formulating the plans such as emergency response and disaster recovery for important assets and critical businesses.
•Performing regular drills of various emergency response procedures.
•Ensuring that information system failures or major disaster events can be quickly restored.
•Ensuring that critical businesses is continued operation and the loss is minimized.
