Since the Cybersecurity Act came into effect on January 1, 2019, our division has been classified as a Class C government agency. In accordance with the regulations, we have annually allocated resources and actively implemented the provisions of the Cybersecurity Management Act. We have fulfilled the requirements in all three aspects: "management, technology, and awareness and training." Our division has designated a dedicated cybersecurity personnel who has obtained relevant certifications, including the ISO 27001:LA and cybersecurity competency certificates. We continuously strive to promote cybersecurity efforts. Furthermore, we hold annual management review meetings to examine the implementation of cybersecurity initiatives for the year and conduct rolling reviews to adjust the execution methods.
On August 8, 2024, our division underwent an on-site audit by representatives from our supervisory agency (Water Resources Agency) and a third-party oversight body (NII). We aim to leverage these regular audits to enhance the effectiveness of our information security management system. We aspire to elevate our division's overall cybersecurity protection capabilities through efficient and appropriate management practices.
Pic. 1 Event poster
Pic. 2 Audit process