Comprehensive Normative File
We built the ISMS file management system to establish an information security management system and a normative information security institution.
Strict Monitoring Procedure
In order to prevent the problem of information leakage during the development, we set up an ISMS group, which is independent of the software development department, to protect the company’s information security by a management mechanism of developing equipment with safety protection procedure. Afile access management mode with rights management and a network communication monitoring system with real time monitoring. The ISMS group’s work includes frequent information security education in the company, information security audits, providing information security visibility reports and feedback to all employees and managers.
Results
| Aug, 2009 | Establishment of Information Security Management Systems(ISMS). |
| Jan, 2010 | Acquisition of ISO27001(ISMS). |
| Jul, 2011 | Event: due to system administrator misuse, resulting in the intarnet outages. Measures: Import the system administrator guide the manual for clearing reason of change, and impacting on the change and so on. |
| Dec, 2011 | Second audit(external audit) passed |
| Aug, 2012 | Developed smart phone related safety management regulations, and provided license approval process, as well as the use of security measures, etc. |
| Dec, 2012 | First recertification audit(external audit) passed, and certificate was updated. |
| Aug, 2013 | Protect the company’s important information by using the document encryption tool. |
| Dec, 2013 | Fourth audit(external audit) passed. |
| Nov, 2014 | Fifth audit(external audit) passed. |
| Jun, 2015 | In order to prevent the leakage of information, we use the USB with encryption functions, and implement BitLocker encryption in PC. |
| Dec, 2015 | Second recertification audit(external audit) passed. |