Information Security Strategy
Information Security Strategy & Policy
Doosan Enerbility places top priority on building customer trust and accordingly recognizes data protection as a fundamental corporate responsibility.
To this end, the company has established and implemented corporate-wide information security guidelines based on the ISO 27001, the international standard for information security.
- The information security policy is aimed at systematically identifying the various risks, such as Cloud data breaches, insider’s act of negligence and security weaknesses in the supply chain, and devising specific countermeasures to address these risks.
- Moreover, all employees are obligated to familiarize themselves with the information security policy and comply with the set guidelines. The same level of information security is also required when entering into contracts with external partners, and strict control measures are taken against potential threats posed by third parties.
- The information security policy is regularly reviewed by the senior management and updated as needed. It serves as the standard for all security activities of the company.