Move to menuMove to category menuMove to main contents
Governance

Cyber Security

SK D&D complies with personal data processing guidelines and information security regulations to keep customer data and corporate information assets safe. The CISO (Chief Information Security Officer) is appointed under the direct leadership of the CEO for his/her expertise on information security-related laws and practices as well as information security to develop, implement and review work plans each year. In 2022, we are working to achieve the ISMS* certification to advance our information security and customer data protection system.

* ISMS(Personal Information & Information Security Management System): Korea Internet & Security Agency or other certification bodies proves that an organization’s actions and measures taken for information security and data privacy comply with the set certification standards

Information Security Implementation System

Information Security Training

We provide information security training to all our employees each year to improve their information security awareness and capabilities. All our employees sign the information security pledge to recognize the importance of information security and to internalize their sense of responsibility. We plan to conduct simulation exercises against phishing e-mails to strengthen our execution of information security.

Document Centralization and ITSM *

We are developing a document centralization system to prevent any breaches of our corporate data. This system ensures that documents are stored on the corporate central server, not on the personal computers of individual users to ensure that such documents are not disclosed externally, laying the basis for turning document resources into invaluable assets. To address the reduced speed of information processing as a result of improving information security, we introduced the ITSM service to support our employees to collect necessary improvements on the IT system and failure factors and to engage in continuous management and improvement.

* ITSM(Information Technology Service Management): Activities to maintain and improve the quality of services by providing services that satisfy information system users and engaging in continuous management

IT Business Continuity

SK D&D has established a business continuity plan and response procedures to prevent and promptly address information security incidents, and regularly reviews such plans and procedures. In the event of a disaster or a failure of the computer network, an emergency management team is organized in accordance with our IT business continuity guidelines, network failures are analyzed for their impact on our operations to establish a hierarchy of priorities for recovery efforts, and managerial/technical measures are taken. To aid in individual and emotional preparedness for actual emergencies, we conduct simulation exercises and emergency response trainings for IT business continuity at least once a year.