1. Information Security Policy

 

Pulmuone has established the 'Pulmuone Information Protection Regulations' to protect the company's information assets and customers' personal information. Based on these regulations, we ensure that all members can perform their duties in a secure environment and support all customers to safely use the information and services provided by the company.

 

The 'Pulmuone Information Protection Regulations' consist of the 'Information Protection Policy' and 'Personal Information Protection Policy,' including a total of 13 detailed guidelines. Pulmuone thoroughly manages and strengthens both enterprise-wide and personal information security in accordance with these regulations, policies, and detailed guidelines.

 

 

 

 

2. Information Security Basic Principles

 

Pulmuone's members must perform their duties according to the following principles for Pulmuone's information security.
 

 

※  Source: Pulmuone Information Security Policy > Chapter 4 Human Security, Article 13 Employee Information Security Management, Article 16 Compliance Requirements During Work

 

 

 

3. Information Security Incident Response Procedures

 

Pulmuone establishes and operates security incident response procedures including monitoring and response methods, procedures, response organization and personnel, reporting and approval methods, etc., for rapid and effective response when information security incidents occur.

 

 

※ Source: Pulmuone Information Security Regulations > Chapter 4 Information Security Basic Principles, Article 20 Security Incident Response, Pulmuone Information Security Policy > Chapter 14 Security Incident Response Articles 53-56

 

 

 

4. Information Security Enhancement Activities

 

Pulmuone strengthens company-wide information security by internally controlling information systems securely and externally preparing separate control measures to prevent leakage of Pulmuone's information assets and personal information when outsourced personnel or contracted companies perform work. The following are activities that Pulmuone carries out to enhance information security.

 

 

※ Source: Pulmuone Information Security Regulations > Chapter 4 Information Security Basic Principles, Article 13 Asset Classification and Control, Article 12 Human Security, Pulmuone Information Security Policy > Article 14 Outsourced Personnel Information Security Management

 

 

 

5. Information Security Improvement Plan

 

Pulmuone recognizes identifying security threat factors as the top priority for maintaining and continuously improving a secure security environment, and establishes countermeasures by analyzing the types, frequency, and levels of risks that may occur in various environments. Pulmuone performs the following activities to safely protect information assets and improve the security environment.

 

 

※ Source: Pulmuone Information Security Regulations > Chapter 4 Information Security Basic Principles, Article 14 Risk Assessment, Article 16 Operations Management