-
Strategies and Systems
Considering the consumers’ information and data handled at Dong-A Socio Group, the coverage of information and data protection shall be planned out strategically and comprehensively, such that the required levels of confidentiality, integrity and availability are attained by way of, without limitation, technical measures, policies and employee training and education.
-
(Personal) Information Security Management System in Practice
For improved personal information security management and controlling of risks associated with protecting personal information, Dong-A Socio Group enacts and revises the information security management policies and guidelines by staying in compliance with both governing laws and internal work processes. Doing so, Dong-A Socio Group has engaged in security audit and training and security risk assessment that contribute to managing personal information security.
- Enactment and revision of information protection policies / guidelines
- Establishment of Group-level information protection committee
- Enactment of ‘Security Day’
- Establishment and maintenance of security education plans
- Group-level security audit
- maintenance of ISO 27001/27701-certified states
- Group-level security risk assessment
-
Security Organization Chart - Dong-A Socio Holdings
* CISO(Chief Information Security Officer, Chief Information Security Officer) * CPO(Chief Privacy Officer, Personal Information Security Manager)
-
Organization Chart of Information Security Committee - Dong-A Socio Holdings
-
Certificate
-
ISO27001
-
ISO27701
-