Information Security Management

Information Security Management

SNI is dedicated to information security management, with the Information Department designated as the responsible unit for information security. The department has appointed one Information Manager overseeing several specialized information personnel and a team dedicated to handling security issues. Their responsibilities include formulating internal information security policies, planning and executing information security operations, and promoting and implementing security policies. Additionally, to enhance security control, an Information Security Department was established in April 2023.

Information Security Organization

Information Security Policy

SNI adheres to the information security policy of "Doing information security well, with indispensable risk assessment," which serves as the highest management standard. This policy ensures the protection of personal data, internal confidential information, as well as customer and supplier data.

2021年當地供應商採購比例79.56%

2021年衝突礦產調查完成359家均符合需求

2020年完成供應商稽核輔導4家

2021年主要材料供應商

台灣廠商比例81.26%

2020年隔離框tray盤回收

10,709K 個

2020年貨物運輸車趟降低9.54%,節省900公升柴油

2019年當地供應商採購比例82.38%

2019年衝突礦產調查完成420家均符合需求

2019年優良供應商Qualcomm, Broadcom, Marvell, NXP, Qorvo

2019年供應商企業責任自評要求累積59家回覆

Information Security Management System

In 2022, the Information Security Management System operated smoothly, following the PDCA management cycle. Regular reviews of operational risks were conducted, and improvements were implemented to ensure the confidentiality, integrity, and availability of critical information assets within the company. This safeguards the data protection and security of stakeholders such as employees and customers. The effectiveness of the information security management system is maintained (Certificate validity period: November 1, 2021, to October 31, 2024).

PDCA Circular Management

Strengthening Employee Cybersecurity Awareness

Conducting annual information security awareness and education training, along with periodic announcements and advocacy on various aspects of information security awareness. Through continuous training and awareness efforts, we aim to enhance employee cybersecurity consciousness and enforce information security management.

ESG_operating_lecture