Investor

Our company is committed to protecting information assets, ensuring business continuity, and minimizing cyber security risks. In line with our corporate sustainability strategy, the company has established comprehensive cyber security governance mechanisms to ensure secure production operations. This policy applies to all company employees, suppliers, and external partners, covering all information systems, data, and networks. All personnel accessing company information assets must comply with this policy.
2、Organization and Responsibilities

The company has established the IT Division for cyber security management, responsible for planning and implementing security operations. The Audit Division has been established to oversee implementation and track improvements for identified deficiencies. The Corporate Governance Team under the Sustainability Committee integrates ESG and cyber security management to strengthen corporate sustainability governance.
3、Asset Management and System Security

The company establishes asset management systems and implements appropriate protection measures. System protection mechanisms are executed and regularly updated through established procedures. The office and production networks are segregated to ensure production system security and maintain stable operations. Change management is implemented for critical systems to ensure operational stability.
4、Access Control

The company implements system access management, conducts regular user permission reviews, and maintains special controls for critical systems. Comprehensive account management procedures ensure timely processing of system access during personnel changes.
5、Data Protection and Backup

The company implements data encryption and access controls, strengthens protection of production-related data, and prohibits storage of company data on unauthorized devices. Data backup mechanisms are implemented with regular backup and recovery drills to ensure data security.
6、Incident Reporting and Response

The company has established cyber security incident reporting and response procedures, with incidents investigated and handled by the IT Division. A cross-departmental crisis response team is established to assess incident impact and develop response strategies.
7、Training and Compliance Management

The IT Division conducts regular cyber security training to enhance security awareness. Security behavior guidelines are established, and the Audit Division conducts related audits to ensure implementation.
8、Regulatory Compliance

The company complies with relevant regulations, regularly reviews regulatory changes, and adjusts management measures accordingly. Through comprehensive cyber security governance, we fulfill our commitment to sustainable operations.
9.Policy Maintenance and Disclosure

This policy is reviewed annually by the IT Division and updated when necessary. Implementation results are appropriately disclosed through sustainability reports and the company website. For any security concerns, please report to: Email: security@panpi.com.tw