In Line with International Information Security Standards |
|
Information Security Guidelines |
Information Security Responsible Unit |
Giant's "Information Security Promotion Committee" is led by the President, who serves as the "Chief Information Security Officer" (CISO), and includes the "Information Security Officer" and members of the "Information Security Audit Team." The CISO is also responsible for appointing members to the "Information Security Execution Team" and the task-oriented "Emergency Response Team." These three teams are responsible for auditing, promoting, executing, and advocating for Giant's information security management system, as well as handling and responding to security incidents.
Information Security Risk Management |
To effectively manage the risks associated with Giant's Information Security Management System (ISMS), the company established the "Risk Assessment and Management Procedure" in 2023.
|
|
|
|
|
Information Security Education and Training |
Planned by the "Information Security Execution Team." Both internal and external personnel are required to participate in relevant training based on their job responsibilities. In 2023, Giant established the "Personnel Security and Education Training Procedure," which outlines the content, frequency, required training hours, and evaluation standards for information security training courses. The company is actively planning the implementation of these training programs.
Software and Hardware Control |
Information Security Incident Reporting Procedure |
Giant employees are required to promptly report any security incidents to the responsible unit. The unit will assess whether the incident is a security issue and decide whether to report the findings to the discoverer or escalate the matter to the Chief Information Security Officer. Incidents are classified into four levels based on their severity and the impact on the company. Depending on the severity, the "Business Continuity Plan" may be activated, or the incident may be handled through standard procedures. After the incident is resolved, relevant regulations and operational procedures are reviewed to prevent similar incidents from recurring. Regular statistics and analysis of security incidents are conducted to reduce the frequency and impact of future incidents.
External Link Disclaimer
You are about to leave Giant’s website. We have provided this link as a courtesy, but it is no way an endorsement by Giant, and we are responsible for its content. Please understand that when you leave our site, our Privacy Policy is no longer in effect.