In order to implement information security management, members of the Executive Committee shall be responsible for promoting information security, and the President shall supervise it.
The general direction of and action guidelines for information security shall be established by the Management Committee to be communicated and adjusted according to the relevant departments.

We shall recognize the importance of ensuring the confidentiality, integrity, and availability of all information assets we hold.
At the same time, we shall continuously evaluate the risks and strive to appropriately protect the information assets under an information security system.

All officers and employees shall comply with the internal rules documented in writing based on laws and regulations concerning information security measures, business requirements, and other various standards.

We shall provide all officers and employees with the necessary education and training on information security and make each individual recognize the importance of participating in information security activities in order to raise awareness and ensure that relevant regulations are thoroughly communicated.

We shall periodically conduct internal audits on information security and take appropriate corrective measures as necessary.
At the same time, we shall minimize, as much as possible, any business interruptions caused by coincidental disasters, breakdowns, negligence, or by intentional misuse of information assets.

If officers or employees of the company violate the internal rules for information security, or if their actions fall under any compliance violations with laws and regulations pertaining to information security due to willful or gross negligence, they shall be subject to disciplinary action.