Information security is a core commitment at Gentrice. The following policies describe how we protect client data and systems across our organization, people, processes, and technology.
Gentrice's information security management system has been independently audited and validated against internationally recognized standards. We maintain and periodically recertify our compliance to keep our policies and practice in step.
Click the certificate to view the full image.
The company's information security management practices comply with applicable government laws and regulations, including:
The Information Security Promotion Organization is responsible for establishing and advancing the information security framework.
Information security training is conducted regularly to communicate the security policy and related implementation rules.
Management mechanisms for IT hardware and software are established to coordinate allocation and ensure effective use of resources.
Information security factors are incorporated into new systems before deployment to prevent threats to system security.
Physical and environmental safeguards are established for the computer room, with regular maintenance performed.
Access permissions for information systems and network services are clearly defined to prevent unauthorized access.
An internal audit plan reviews personal computer usage and the implementation of the information security framework on a regular basis.
A business continuity plan for information security is maintained and rehearsed through drills to ensure continuous operations.
All personnel are responsible for maintaining information security and shall comply with the related management rules.
The information security policy is reviewed periodically to reflect the latest government policies, regulations, technologies, and the company's business operations.
For questions about this policy, please reach out via our contact page.
Contact Us