TONG HSING ELECTRONIC IND., LTD.

Information Security

• 

  Establishing an Information Security and Risk Management Framework

  In response to the transformation of the company and the enhancement of information security management, the Company has gradually developed its Risk Management framework for information security. The Company currently has a management process in place for information security control. The Company plans to establish an information security organization in the fourth quarter of 2021 to coordinate the planning and implementation of information security for the Company's confidential information and to review and decide on information security management issues.
• 

  Information Security Policy

  To ensure the integrity of the Company's information security policy, the Company's information security policy covers all of the Company's associates, suppliers and contractors, and third party personnel who may have access to the Company's information. The Company's information security policy is reviewed annually in light of regulatory changes, updates in information security technology and the Company's business development.
• 

  Information Security Objectives

  Through proper classification and control of confidential information, staff education and training, and advanced information security control equipment, the Company ensures that confidential information is properly protected from unauthorized access, alteration, destruction, improper disclosure or cyber attacks.
• 

  Specific information security management solutions

  • Through firewalls and information zoning, internal, external, office and production areas are divided into security zones and firewalls are installed for information security defense.Through firewalls and information zoning, internal, external, office and production areas are divided into security zones and firewalls are installed for information security defense.
  • Regular information vulnerability scans are carried out to prevent problems before they occur and to remedy risks in a timely manner.
  • Advanced information security solutions are continuously introduced to effectively protect and manage systems, hosts and network behavior.
  • ERP, MES and other corporate database systems are fully backed up on a daily basis, and the recovery function is verified from time to time according to the company's needs as a last line of defense against encryption ransom attacks to ensure that the database and data can be safely restored.
  • Company mail is filtered through a spam control system to prevent phishing and virus intrusion.
  • Regular staff training sessions are held to promote information security awareness.
  • The Company conducts an annual self-assessment of information security and the self-assessment result for 2021 is good.

Intelligent Property Rights Management

Patent Application and reward System

• The Company has established the Patent Application and Incentive Regulations as a management policy to encourage our employees to be creative and to engage in research and development of various technologies to strengthen the Company's technological capabilities. The rules regulate the process of filing intellectual property proposals, the evaluation system of the jury, and the system of relative rewards for the acquisition of rights to encourage internal employees to invest in the research and development of products and technology innovation.

Management of Trade Secrets

• The employees of the Company are obliged to keep confidential information of the Company in accordance with their employment contracts, both on and off duty, to ensure that confidential information of the Company is not leaked or lost.
• The Company has established a classification system for the protection and management of confidential information, which is based on the level of the Company's confidential information, and ensures that the Company's employees are effectively aware of and fulfill their confidentiality awareness through education, training and reward and punishment systems.

Execution Status

The Company regularly reports to the Board of Directors on matters relating to intellectual property, with the most recent report being dated 2021/mm/dd.
The Company's current list of intellectual property acquisitions and results are as follows: