operation and governance
information security management
effective cybersecurity management is fundamental to all operations. to ensure company has consensus of cybersecurity goals, usi set up a committee to boost cybersecurity awareness. the committee members are composed of cio, cfo, giso, vice presidents or division heads level above, cio shall report to senior vice president of administration group. under the committee, there are information security representatives to assist the information security committee in implementing cybersecurity affairs. usi have gotten iso 27001:2013 certification in 2020 and the cybersecurity management is further implemented in the usi group. to be a gatekeeper of company cybersecurity, it members not only take professional training courses, but also need be certified to ensure the effectiveness of our cybersecurity organization can systematically solve cyber incidents. usi had no cybersecurity incidents in 2021.
the company's cybersecurity objectives are to ensure the preservation of confidentiality, integrity, availability and compliance of the core systems engaged in business operations. additionally, quantitative goals are defined according to organization level and job function to ensure the achievements of the isms implementations and cybersecurity objectives.
1. protect usi's important information assets, including usi and customer products, manufacturing processing information and recipe, r&d information, services, and maintain their confidentiality, integrity, and availability.
2. strengthen usi employee's awareness of the company's and customer's information asset protection responsibilities.
3. ensure that the execution of all business comply with the requirements of relevant laws or regulations.
4. construct a safe and convenient information network environment to protect employees from internal and external cybersecurity threats.
5. establish a cybersecurity sustainability plan to ensure the business contingency.
6. in-depth assess existing cybersecurity level and enhance the maturity of entire cybersecurity management.