Information Security Basic Policy
Effective as of January 1, 2024
1. Basic Policy
Tensor Energy (the "Company") recognizes that information security is fundamental to its business activities. It has established and maintains an information security management system to protect its information assets. Furthermore, all employees contribute to the appropriate handling and protection of information assets through their understanding and practice of information security.
2. Scope
This basic policy applies to all information assets held by the Company.
3. Goals of Information Security
The Company’s goal for information security is to ensure the confidentiality, integrity, and availability of our information assets. This includes protecting information assets from unauthorized access, improper disclosure of information, alteration of information, loss or destruction of information assets, and service interruption.
4. Implementation of Information Security Measures
The Company manages information security risks through risk assessment and implements necessary security measures.
5. Legal Compliance
The Company complies with all laws, regulations, and contractual obligations related to information security.
6. Implementation of Information Security Education and Training
The Company provides regular education and training to ensure that our employees and related personnel understand the importance of information security and act appropriately.
7. Incident Response and Continuous Improvement
The Company responds promptly, investigates the cause, and takes measures to prevent recurrence in the event of an information security incident. It also continuously improves our information security management system.
8. Periodic Review
The Company reviews the information security management system periodically and improves as necessary.
All of our employees understand and act in accordance with this Information Security Policy. All parties involved are also contractually obligated to comply with this policy.
9. Establishment of the Information Security Management System
The Company appoints a chief information security officer and implements appropriate operation and improvement of the information security management system. It also establishes an information security incident response system and takes prompt and appropriate action.
10. Risk Assessment and Countermeasure
The Company conducts risk assessments of our information assets regularly, and establishes and implements appropriate information security measures based on the results of such assessments.
11. Information Security Audits
The Company conducts regular audits to confirm the effectiveness of our information security management system and promote improvements.
12. Human Resource Security
The Company conducts security checks before and after hiring employees and provides information security training. It also takes appropriate measures against information security violations.
13. Physical and Environmental Security
The Company ensures the physical protection of our information assets. This includes facility security measures, access control, and disaster prevention, etc.
14. Classification and Management of Information Assets
The Company classifies information assets appropriately and establishes clear guidelines for their handling.
15. Network and System Security
The Company ensures the security of our network and systems. This includes access control, vulnerability countermeasures, unauthorized access countermeasures, virus protection, and backups.
The Company makes this Basic Policy on Information Security known to all employees and confirms their understanding and implementation. In addition, this basic policy has been made public on our website to ensure that our stance on information security is widely understood by all concerned parties and the general public.
16. Business Continuity Planning
The Company establishes and implements a plan to continue our business activities even in emergency situations such as natural disasters and human-caused accidents.
17. Continuous Improvement of Information Security
The Company reviews the status of information security regularly and makes continual improvements. In addition, all policies and procedures regarding information security, including this basic policy, will be reviewed and updated on -a regular basis.
This is Tensor Energy's Information Security Policy, and all employees are committed to protecting information assets in accordance with this policy.