Information Security Policy

Security is our second skin. It is an integral part of who we are and what we stand for and is reflected in every aspect of our products and services.

It is imperative that we protect our information assets from every threat and take appropriate security measures that will enable us to fulfill our corporate social responsibilities and public mission as well as enhance our corporate value.

Working with an eye to ensuring the secure use of all our information assets, we have developed a basic framework that has enabled us to establish an information security management system (ISMS) designed to adequately protect our information assets from all threats, both internal and external.

Guiding Principle [Objectives]:

Prevent any information security incident from occurring and ensure the confidentiality, availability and integrity of our information assets.

  • Comply with all relevant information security laws, regulations and agreements.
  • Ensure that core and supporting business operations continue to operate with minimal disruptions.
  • Ensure that all information that are disbursed or produced by USP has absolute integrity and relevant information are managed and stored with appropriate confidentiality procedures
  • Develop criteria for accepting risks, specify acceptable levels of risk, and set appropriate risk management goals and strategies based on systematic risk assessment and management.
  • Provide all employees with regular information security training to ensure that the ISMS objectives are met and increase their information security awareness.
  • Revise basic policies and internal rules on a regular basis in line with changes in society, technology, laws, etc. with an eye to making continual improvements.
  • Employees must comply with the Basic ISMS Policy and other related rules and regulations.