
Information Security Management Policy

Purpose
In recognition that information security is the foundation for the safe operation of all services, and to ensure a shared commitment within New Smart Technology Co., Ltd. (hereinafter “the Company”) to fulfilling the mission of information security, this Information Security Policy (hereinafter “this Document”) is established as the highest guiding principle for the Company’s Information Security Management System (ISMS).

Objectives
The Company’s information security objectives are to ensure the Confidentiality, Integrity, Availability, and Compliance of the core systems and management activities (i.e., the information systems and related management activities within the ISO/IEC 27001 certification scope). Quantitative indicators shall be defined by organizational level and function to measure ISMS performance, in order to confirm implementation status and the achievement of information security objectives.

  • Confidentiality: Prevent any unauthorized access to the Company’s confidential/sensitive information.
  • Integrity: Ensure the accuracy of the Company’s core systems and critical data.
  • Availability: Ensure the reliability of backup and redundancy mechanisms for the Company’s core systems.
  • Compliance: Comply with the relevant laws of our country (e.g., Personal Data Protection Act, Trade Secrets Act, and intellectual property laws) and with key internal operating procedures, to avoid infringing the rights and interests of the Company or any third party.


Scope
This policy applies to New Smart Technology Co., Ltd.

Organization and Responsibilities
To ensure effective operation of the ISMS, the information security organization and related responsibilities shall be clearly defined to promote and sustain management, implementation, and audit activities.

Implementation Principles
The ISMS shall be implemented in accordance with the Plan–Do–Check–Act (PDCA) cycle, following an iterative and step-by-step approach to ensure the effectiveness and continuity of information security.

Review and Evaluation
This Document shall be reviewed at least annually, taking into account the latest circumstances in laws and regulations, technological changes, stakeholder expectations, business activities, internal management, and resources, to ensure the effectiveness of information security practices.
Revisions to this Document shall be made based on the review results and shall take effect only after being promulgated by the General Manager and/or authorized personnel of the Information Security Management Committee.
Upon establishment or revision, this Document shall be communicated to stakeholders—including employees, suppliers, customers, and external auditors—through appropriate means (e.g., email, website announcement, or printed copies).