In the era of information explosion, Ace Pillar attaches great importance to information security. To ensure corporate information security, Ace Pillar has established information security guidelines in accordance with the ISO 9001 international standards to prevent risks caused by information leakage. We ensure the confidentiality, integrity, availability, and legality of corporate assets and safeguard against intentional or accidental threats from internal and external sources. We are committed to avoiding risks and achieving sustainable business operations.
Ace Pillar has a dedicated information security manager and personnel. The IT department is in
charge of promoting information security within the company. Using regulations and tools of information assets, we effectively safeguard the security of our intellectual property and increase employee awareness of information security.
To implement information security management, Ace Pillar regularly holds meetings to assess and respond to relevant risks to effectively reduce, transfer, or eliminate these risks.
Information security monthly meetings:
We hold monthly group information security meetings to review the current security status.
Risk management committee quarterly meetings:
The Risk Management Committee holds meetings quarterly to review internal risks.
Ace Pillar has established an information security management system to implement information security policies, protect customer data and company intellectual property, strengthen incident response capabilities, and meet information security policy metrics. This ensures we meet the expectations of our stakeholders.
Individual account: Each internal employee has their own employee account and password.
Division of permissions: Grant information access permissions based on the job level.
Password update: The password for each account must be updated every six months.
Anti-virus software: Regularly update the version of anti-virus software.
Intrusion detection: check whether the firewall has been compromised on an ad hoc basis.
Data control: All internal computers must use company-controlled disks, and virus scanning
must be performed immediately each time a disk is used.
Regular backup: Data used within the company is regularly backed up to ensure information
security.
In establishing the information security management system, Ace Pillar has strengthened the internal emergency response SOP and drills. We continue to simulate various information security attack scenarios and arrange for relevant personnel to participate in these drills. This ensures we can initiate the emergency response SOP when an event occurs, effectively reducing response time and minimizing the Company's losses.
No significant disasters have occurred in the past three years.