ABOUT US
HOME-ABOUT US
ISMS Policy Statement
Information Security Management System (ISMS) Policy Statement
We, CIRCLE Metal Powder Co., Ltd. (hereafter "the Company") is committed to enhancing customer satisfaction and contributing to society through the continual management and improvement of our Information Security Management System (ISMS).”
To ensure the effective implementation, operation, supervision, and continual improvement of the Company's Information Security Management System (ISMS), and to safeguard the confidentiality, integrity, and availability of the company's critical information systems, this Information Security Management Policy is hereby established.
This policy provides clear principles for all personnel in performing their daily responsibilities. All employees are required to comply with and actively support the Information Security Management Policy to ensure the secure and stable operation of the Company's personnel, data, information systems, equipment, and network resources. All employees are expected to understand, implement, and maintain this policy to support the Company's business continuity objectives. Regulations regarding the use of general information equipment and network services are detailed in the “ISMS-W-001 General Information Technology Equipment Security Management Standard Operating Procedure.”
“Implement Information Security to Enhance Service Quality”
“Information Security Training to Strengthen Business Continuity”
“Enhancing Emergency Preparedness and Response to Accelerate Disaster Recovery”
· Implement Information Security to Enhance Service Quality
The Company is committed to protecting information assets against unauthorized access, disclosure, alteration, destruction, or loss arising from external threats or inappropriate internal practices. All information security controls shall be selected, implemented, and maintained in accordance with risk assessment results to reduce risks to an acceptable level. The Company shall continuously monitor, review, and audit the effectiveness of the ISMS to ensure the reliability of business operations, enhance service quality, and support continual improvement in accordance with ISO 27001 requirements.
· Information Security Training to Strengthen Business Continuity
To ensure effective implementation of the ISMS, the Company shall provide ongoing information security awareness and competency training to all employees annually. This fosters the principle that "Cybersecurity is everyone's job". Training programs aim to improve employees' understanding of information security requirements, enhance compliance, increase awareness of potential security risks, and strengthen emergency response capabilities, thereby supporting the company's business continuity objectives.
· Enhancing Emergency Preparedness and Response to Accelerate Disaster Recovery
The Company shall establish and maintain emergency response procedures and disaster recovery plans for critical information assets and key business processes. Regular testing, drills, and reviews shall be conducted to ensure the Company can rapidly restore information systems and critical operations in the event of system failure or major incidents. These measures aim to minimize operational impact and ensure continuity of essential business services.
We, CIRCLE Metal Powder Co., Ltd. (hereafter "the Company") is committed to enhancing customer satisfaction and contributing to society through the continual management and improvement of our Information Security Management System (ISMS).”
To ensure the effective implementation, operation, supervision, and continual improvement of the Company's Information Security Management System (ISMS), and to safeguard the confidentiality, integrity, and availability of the company's critical information systems, this Information Security Management Policy is hereby established.
This policy provides clear principles for all personnel in performing their daily responsibilities. All employees are required to comply with and actively support the Information Security Management Policy to ensure the secure and stable operation of the Company's personnel, data, information systems, equipment, and network resources. All employees are expected to understand, implement, and maintain this policy to support the Company's business continuity objectives. Regulations regarding the use of general information equipment and network services are detailed in the “ISMS-W-001 General Information Technology Equipment Security Management Standard Operating Procedure.”
“Implement Information Security to Enhance Service Quality”
“Information Security Training to Strengthen Business Continuity”
“Enhancing Emergency Preparedness and Response to Accelerate Disaster Recovery”
· Implement Information Security to Enhance Service Quality
The Company is committed to protecting information assets against unauthorized access, disclosure, alteration, destruction, or loss arising from external threats or inappropriate internal practices. All information security controls shall be selected, implemented, and maintained in accordance with risk assessment results to reduce risks to an acceptable level. The Company shall continuously monitor, review, and audit the effectiveness of the ISMS to ensure the reliability of business operations, enhance service quality, and support continual improvement in accordance with ISO 27001 requirements.
· Information Security Training to Strengthen Business Continuity
To ensure effective implementation of the ISMS, the Company shall provide ongoing information security awareness and competency training to all employees annually. This fosters the principle that "Cybersecurity is everyone's job". Training programs aim to improve employees' understanding of information security requirements, enhance compliance, increase awareness of potential security risks, and strengthen emergency response capabilities, thereby supporting the company's business continuity objectives.
· Enhancing Emergency Preparedness and Response to Accelerate Disaster Recovery
The Company shall establish and maintain emergency response procedures and disaster recovery plans for critical information assets and key business processes. Regular testing, drills, and reviews shall be conducted to ensure the Company can rapidly restore information systems and critical operations in the event of system failure or major incidents. These measures aim to minimize operational impact and ensure continuity of essential business services.
