Information Security Management System
Information Security Policy of AEWIN Technologies
AEWIN Technologies places great importance on protecting the interests of its customers and investors. With the rapid development of emerging technologies, the Company may face external malicious threats and security breaches, which could result in reputational damage and operational disruptions, thereby affecting the rights and interests of customers and shareholders.
To address these risks, AEWIN Technologies has implemented an ISO 27001 Information Security Management System (ISMS), established information security policies and related procedures, and communicated them to all employees in order to strengthen internal information security governance and enhance employees’ awareness of information security.
Information Security Policy Statement
AEWIN Technologies hereby declares its Information Security Policy as follows:
Information Security Objectives
1.1 Ensure the confidentiality of the Company’s information assets by implementing strict access control, allowing access only to authorized personnel.
1.2 Ensure the integrity of information processing and prevent unauthorized modification.
1.3 Ensure the continuous operation and availability of information systems and services.
1.4 Ensure that all information operations comply with applicable laws, regulations, and contractual requirements.
Information Security Control Measures
2.1 Establish an Information Security Management Organization chaired by the General Manager to supervise the operation of the ISMS, identify internal and external issues, and understand the expectations and requirements of interested parties regarding information security.
2.2 Management is committed to maintaining information security, continuously improving information security performance, and reducing the occurrence of security incidents to safeguard customer interests.
2.3 Regularly review and update ISMS documentation and implement clear management controls to protect relevant records.
2.4 Conduct regular information asset inventories, classification, impact analyses, and risk assessments to identify risks affecting the ISMS and implement appropriate risk treatment measures.
2.5 Provide regular information security training and awareness programs to employees. All employees are responsible for protecting the information assets they own, manage, or use.
2.6 Department managers shall ensure proper segregation of duties and responsibilities to prevent unauthorized modification or misuse of information, products, or services that may impact customers.
2.7 For vendors, contractors, temporary workers, and visitors who require access to the Company’s information assets, appropriate reviews shall be conducted and information security compliance agreements shall be signed.
2.8 Establish business continuity plans based on operational needs and potential incidents that may impact customer interests, and conduct regular drills to ensure rapid recovery in the event of disruptions.
2.9 Establish information security performance indicators and conduct regular measurements to ensure the effectiveness of ISMS implementation and control processes.
2.10 Ensure the security of controlled areas and office environments to prevent theft or damage of information assets.
2.11 Continuously strengthen network and communication security management to reduce risks caused by hacking, external attacks, and malicious software that may affect normal operations.
2.12 All product development, modification, and maintenance activities shall comply with the control principles of ISO 27001, and shall be conducted only after proper evaluation, discussion, analysis, authorization, testing, and verification prior to delivery.
2.13 In the event of information security incidents, vulnerabilities, or violations of security policies and procedures, the Company shall follow established procedures for reporting, impact analysis, confirmation, and implementation of corrective actions to minimize losses.
2.14 Comply with applicable internal and external laws and regulations, establish necessary control procedures, conduct regular information security audits, and maintain ISO 27001 certification.
2.15 For mobile device security, employees are required to use company-issued laptops and comply with Company management policies to reduce risks associated with mobile device usage.
Policy Review
This policy shall be reviewed at least once a year and revised and announced as necessary.

