Information Security Basic Policy

Effective as of January 1, 2024

1. Basic Policy

Tensor Energy (the "Company") recognizes that information security is fundamental to its business activities. It has established and maintains an information security management system to protect its information assets. Furthermore, all employees contribute to the appropriate handling and protection of information assets through their understanding and practice of information security.

2. Scope

This basic policy applies to all information assets held by the Company.

3. Goals of Information Security

The Company’s goal for information security is to ensure the confidentiality, integrity, and availability of our information assets. This includes protecting information assets from unauthorized access, improper disclosure of information, alteration of information, loss or destruction of information assets, and service interruption.

4. Implementation of Information Security Measures

The Company manages information security risks through risk assessment and implements necessary security measures.

5. Legal Compliance

The Company complies with all laws, regulations, and contractual obligations related to information security.

6. Implementation of Information Security Education and Training

The Company provides regular education and training to ensure that our employees and related personnel understand the importance of information security and act appropriately.

7. Incident Response and Continuous Improvement

The Company responds promptly, investigates the cause, and takes measures to prevent recurrence in the event of an information security incident. It also continuously improves our information security management system.

8. Periodic Review

The Company reviews the information security management system periodically and improves as necessary.

All of our employees understand and act in accordance with this Information Security Policy. All parties involved are also contractually obligated to comply with this policy.

9. Establishment of the Information Security Management System

The Company appoints a chief information security officer and implements appropriate operation and improvement of the information security management system. It also establishes an information security incident response system and takes prompt and appropriate action.

10. Risk Assessment and Countermeasure

The Company conducts risk assessments of our information assets regularly, and establishes and implements appropriate information security measures based on the results of such assessments.

11. Information Security Audits

The Company conducts regular audits to confirm the effectiveness of our information security management system and promote improvements.

12. Human Resource Security

The Company conducts security checks before and after hiring employees and provides information security training. It also takes appropriate measures against information security violations.

13. Physical and Environmental Security

The Company ensures the physical protection of our information assets. This includes facility security measures, access control, and disaster prevention, etc.

14. Classification and Management of Information Assets

The Company classifies information assets appropriately and establishes clear guidelines for their handling.

15. Network and System Security

The Company ensures the security of our network and systems. This includes access control, vulnerability countermeasures, unauthorized access countermeasures, virus protection, and backups.

The Company makes this Basic Policy on Information Security known to all employees and confirms their understanding and implementation. In addition, this basic policy has been made public on our website to ensure that our stance on information security is widely understood by all concerned parties and the general public.

16. Business Continuity Planning

The Company establishes and implements a plan to continue our business activities even in emergency situations such as natural disasters and human-caused accidents.

17. Continuous Improvement of Information Security

The Company reviews the status of information security regularly and makes continual improvements. In addition, all policies and procedures regarding information security, including this basic policy, will be reviewed and updated on -a regular basis.

This is Tensor Energy's Information Security Policy, and all employees are committed to protecting information assets in accordance with this policy.

Information Security Basic Policy

1. Basic Policy​

2. Scope​

3. Goals of Information Security​

4. Implementation of Information Security Measures​

5. Legal Compliance​

6. Implementation of Information Security Education and Training​

7. Incident Response and Continuous Improvement​

8. Periodic Review​

9. Establishment of the Information Security Management System​

10. Risk Assessment and Countermeasure​

11. Information Security Audits​

12. Human Resource Security​

13. Physical and Environmental Security​

14. Classification and Management of Information Assets​

15. Network and System Security​

16. Business Continuity Planning​

17. Continuous Improvement of Information Security​