:::
Welcome to Chunghwa POST Menu
Home| Chinese| sitemap| Contact Us|
About Us| Postal Services| Banking Services| Postal Museum| Questions and Answers| Links|
search   

Information Security Policy

Hereunder is the Statement of Information Security Policy of our company:
In view of the needs for national welfare and people's livelihood, social stability, and being in accord with state policies, Chunghwa Post Co., Ltd. provides postal, banking, and life insurance services to the masses of the society. To meet such goals Chunghwa Post Co., Ltd. has formulated information security control measures to protect the confidentiality, integrity, and availability of important personal data and transaction information; to strengthen the management of information security; to ensure the security of data, systems, equipment, and networks; to furnish a reliable information environment for transactions; to deploy the latest innovated technologies of information security protection; to implement the code of practice for information security management; to make efforts to the improvement in service quality of Chunghwa Post and providing quality service; aiming for synchronous advancement with the society based on the spirit of continual innovation and striving for perfection.
top
Major requisites to fulfill such goals:
1 To establish Information Security and Personal Data Protection Management Committee and Initiative Team for Information Security and confirm the effectiveness of management and operation of information security.
     
2 A checklist of information assets shall be put together by each section and the owner of each asset shall be specified. Risk assessment shall be performed according to asset group requirements. Risk management shall be introduced when risk identified as higher than acceptable level in order to lower the risk effectively and various control measures can be implemented continuously.
     
3 New recruits shall go through necessary assessment and sign relevant operation agreements. Personnel shall participate in information security education and training programs to build up knowledge and awareness of information security.
     
  4 Personnel access control and article entry/exit regulations shall be carried out when entering the office building or controlled areas of our company.
     
  5 Employees are strictly forbidden to get company's intranet connected with external networks. Firewalls, demilitarized zones (DMZ), proxy servers, and other necessary security apparatus shall be installed to protect network security. Appropriate backups or monitoring mechanisms shall be established for key equipment to maintain its availability thereof. Antivirus software shall be installed to each of employee's computer and update virus pattern files periodically. Unauthorized software shall be forbidden.
     
  6 Employee shall be responsible for safekeeping the account number, password, and authorization he/she holds and uses. The management shall check and review relevant information on a regular basis. Back-up and second-site replication of data related to the operation of key systems shall be made periodically.
     
  7

The deployment of security control system shall be planned during the initial stage of system development. Control, monitoring, and requirements for information security shall be strengthened and specified in outsourced development contract information service. The system development should pay attention to palm of the time interval to control, avoids delaying escapes the foreword.

     
  8 Appropriate response and notification procedures for incidents and weakness of information security shall be devised so that reactions to information security incidents can be made immediately and harm can be kept to minimum.
     
  9 Business continuity plans BCP shall be mapped out, and to be drilled regularly, and updated continually.
     
  10 Confirmation and reexamination mechanism shall be put into effect to daily routines of employees to maintain accuracy of data. Supervisors shall supervise the implementation and observance of information security system and help to build up awareness of information security and concept of law-abiding.
     

Information Security Policy has become effective starting the day of promulgation and has been notified to all employees through written, electronic or other means. All departments shall follow this policy without fail. Any violation of Information Security Policy once verified shall be punished considering the severity according to relevant regulations.

top
Jinshan Building Address : No.55, Sec. 2, Jinshan S. Rd., Da-an District, Taipei City 10603, Taiwan (R.O.C.).
TEL : +886-2-2321-4311、TEL : +886-2-2392-1310
Aiguo Building Address :No.216, Aiguo E. Rd., Da-an District, Taipei City 10603, Taiwan (R.O.C.)
TEL : +886-2-2393-1261、TEL : +886-2-2321-3625
Customer Service Center voice service hotline : 0800-700-365, or payment number (04)23542030 if you dial through a cell phone .
 
| Privacy Policy | Information Security Policy |
HOT INFO
:::
Stamp Mall
No need to go to post office, just shopping stamps On Line at e-service.
Why not take a look!

Hybrid Mail
What benefit do we offer?
One-stop service
Data confidentiality
Saving your cost
Fast delivery
High quality

We highly recommend you to set the resolution of monitor at 800*600 pixels,also with IE5.0 at least to get the best browsing.
 Copyright © 2003 Chunghwa Post Co., Ltd. All rights reserved.