HOME
ABOUT US
ABOUT US
Energy Absolute Public Company Limited
Chairman Statement
Vision And Mission
Company Profile
Group Structure
Organization Chart
The Board Of Directors
Executives
Certificate
Awards
OUR BUSINESS
OUR BUSINESS
Energy Absolute Public Company Limited
Biodiesel Business
B100 & Glycerin
Green Diesel & PCM
By Products
Power Business
Solar Power Plant
Wind Power Plant
Energy Storage System Business
Lithium-Ion Battery
Electric Vehicle Business
Electric Bus
Electric Ferry
Charging Station Business
Charging Station : EA Anywhere
SUSTAINABILITY
SUSTAINABILITY
Energy Absolute Public Company Limited
E@ Sustainable Development
Sustainability Report
Policy & Strategy
Economic Dimension
Social Dimension
Environmental Dimension
Stakeholder Engagement
Corporate Social Innovation (CSI)
Green Bond
Other Document
INVESTOR RELATIONS
INVESTOR RELATIONS
Energy Absolute Public Company Limited
INVESTOR RELATIONS
Financial Statement
Financial Highlight
Financial Statement
MD&A
Stock Health
Stock Price
Stock Quote
Historical Price
Investment Calculator
Shareholder Information
Major Shareholder
IR Calendar
Bond And Credit Rating Information
Meeting Of Shareholders
SET announcement
Dividend Policy & Payment
Filing
Notification to Shareholders
Allocation of additional shares
Annual Report And 56-1
56-1 ONE REPORT / E-ONE REPORT
Annual Report
Form 56-1
PRESENTATION AND WEBCAST
Analyst Information
Analyst Report
Analyst Contact
IR Corner
Code of conduct for IR
IR Contact
Channel Complaints
FAQ
E-mail Alert
Privacy Policy
CORPORATE GOVERNANCE
CORPORATE GOVERNANCE
Energy Absolute Public Company Limited
Sub-Committees
Charter Of The Committee
Code Of Conduct
Corporate Governance Policy
Anti-Corruption Manual
Channel Complaint
Corporate Governance
Policies And Guidelines
NEWS & ACTIVITIES
NEWS & ACTIVITIES
Energy Absolute Public Company Limited
SET Announcements
E@ News
Public Relation News
CAREER
CONTACT US
EN
|
TH
EN
|
TH
HOME
ABOUT US
Chairman Statement
Vision And Mission
Company Profile
Group Structure
Organization Chart
The Board Of Directors
Executives
Certificate
Awards
OUR BUSINESS
Biodiesel Business
B100 & Glycerin
Green Diesel & PCM
By Products
Power Business
Power Business
Solar Power Plant
Wind Power Plant
Energy Storage System Business
Lithium-Ion Battery
Electric Vehicle Business
Electric Bus
Electric Ferry
Charging Station Business
Charging Station : EA Anywhere
SUSTAINABILITY
E@ Sustainable Development
Sustainability Report
Policy & Strategy
Economic Dimension
Social Dimension
Environmental Dimension
Stakeholder Engagement
Corporate Social Innovation (CSI)
Green Bond
Other Document
INVESTOR RELATIONS
INVESTOR RELATIONS
Financial Statement
Financial Highlight
Financial Statement
MD&A
Stock Health
Stock Price
Historical Price
Investment Calculator
Shareholder Information
Major Shareholder
IR Calendar
Bond And Credit Rating Information
Meeting Of Shareholders
SET announcement
Dividend Policy & Payment
Filing
Notification to Shareholders
Allocation of additional shares
Annual Report And 56-1
56-1 ONE REPORT / E-ONE REPORT
Annual Report
Form 56-1
PRESENTATION AND WEBCAST
Analyst Information
Analyst Report
Analyst Contact
IR Corner
Code of conduct for IR
IR Contact
Channel Complaints
FAQ
E-mail Alert
Privacy Policy
CORPORATE GOVERNANCE
Sub-Committees
Charter Of The Committee
Code Of Conduct
Corporate Governance Policy
Anti-Corruption Manual
Channel Complaint
Corporate Governance
Policies And Guidelines
NEWS & ACTIVITIES
SET Announcements
E@ News
Public Relation News
CAREER
CONTACT US
HOME
SUSTAINABILITY
Social Dimension
Information Technology Security Policy
Information Technology Security Policy
Energy Absolute Public Company Limited hereby announced the Information Technology (IT) Security Policy, to ensure the IT system as well as the network and computer system of the Company, subsidiaries and affiliated companies sharing these systems is secure and continually supportive to the Company's operations; compliant with the Computer Crime Act and other relevant laws; and efficient in preventing harms and damage on the Company.
Definition
The definition in this part defines the terms used in the policy and guidelines appearing in this IT security policy, for the purposes of clarity and mutual understanding.
1. "Company" refers to Energy Absolute Public Company Limited, subsidiaries and affiliated companies that share the IT system as well as the network and computer system.
2. "Information Technology Department" means Energy Absolute Public Company Limited's Information Technology and System Development Department.
3. "Users" mean directors, executives, employees, related users and external users authorized to access the Company's network.
4. "Related users" mean individuals or juristic persons working under contract at the Company's premises.
5. "External users" mean individuals or juristic persons other than those in (3) and (4).
6. "System Adminitrator" mean Manager – Head of Information Technology Department or other operators, designated by supervisors in the Vice President level or higher to develop, fix and maintain the Company's IT and network systems; or a unit directly in charge of the IT and network systems.
7. "Information" means facts drawn from database. In the forms of figures, texts, documents, diagrams, maps, photos, films, visual and audio recordings, computer-generated recordings or graphics, information is processed and organized for ease of understanding and utilized in the management, planning, decision-making, etc.
8. "Information system" means the Company's system dedicated for the storage, processing and dissemination of information. Linking up hardware, software, users and processing process, the system generates information useful for the Company's planning, management and work process.
9. "Network system" means the system that allows communications or transmission of data and information between the Company's various information technology systems like LAN, Wireless, Intranet, Internet and other communications systems.
10. "Property" means tangible or intangible properties deemed valuable to the Company which are data, data system, and properties relating to information technology and communications like personnel, hardware, software, computers, servers, information system, network system, network equipment, IP addresses or copyrighted software, or anything deemed valuable to the Company.
11. "Information technology security" means the security and safety for the Company's information technology system and network system, whereby confidentiality, integrity and availability are preserved along with authenticity, accountability, non-repudiation and reliability.
12. "Access or access control" means the permission, classification of users' rights or authorization for users' access to the network system or information system, electronically and physically. The control involves guidelines on unauthorized access.
13. "User account" means the usernames and passwords for employees and relevant users as well as external users.
14. "Encryption" means the encryption of information to prevent unauthorized access. Users with access to the encrypted files must have the encryption keys.
15. "Authentication" means the security process to identify general users, through the confirmation of username and password.
Governance of Enterprise IT
Oversight on information technology (IT) is to ensure the Company’s accomplishment, in using IT to support the operations and efficiently manage IT-related risks. Effective IT management requires the linkage between IT, resources and efficient data so that the system can support the enterprise’s policies, strategies and objectives. It requires appropriate risk management, reporting and monitoring, to ensure that applied technology can facilitate strategies and lead the enterprise towards business achievements as well as competitiveness and added value.
To achieve these goals, the Company shall at least consider addressing the following issues:
1. IT Risk Management Policy
Defining roles and responsibilities - The Vice President of IT and System Development Department is responsible in IT and Cyber risk management. Their role involves exploring and selecting IT management approaches aimed at reducing or addressing existing IT-related risks, all to be presented to the Chief Operating Officer (COO) for consideration.
IT Security Risk Management Structure
*
Remarks : Assistant to Chief Executive Officer Support, this position has responsibilities similar to Chief Information Security Officer (CISO), Responsible to Oversee all information security, security awareness and information technology issues, threats, vulnerabilities and regulatory changes affecting the organization, perform independent research as needed and review process.
Mr. Wutthilerd Chiannilkulchai, Member of Risk Management Committee responsible to annually reviews the Company’s IT Security / Cyber security strategy.
The Company shall implemented IT and cyber risk management and information security protocols in line with international standards such as NIST Cybersecurity Framework. These cyber security frameworks include prevention plans, detection, and rapid responses to threats in compliance with global standards. There are 5 main processes, including:
1. Identify
2. Protect
3. Detect
4. Response
5. Recover
2. IT Security Policy
The Company shall formulate the IT Security Policy in writing and prepare communications on the policy to ensure correct understanding and compliance. Communications between IT department and other departments across the enterprise is particularly important, for coordination and achievements as outlined in business objectives.
The Company shall have the IT Security Policy reviewed at least once a year or in the event of changes that affect the security.
SITE MAP
เว็บไซต์ energyabsolute.co.th มีการเก็บ Cookies ซึ่งเป็นการจัดการข้อมูลส่วนบุคคลและช่วยเพิ่มประสิทธิภาพการใช้งานเว็บไซต์ คุณสามารถอ่านข้อมูลเพิ่มเติมได้ที่หน้า
Cookies Notice
ยอมรับ