:::Skip to main content
Home Sitemap FAQs Bilingual Glossary 中文版 RSS
  • font size
    A A A
:::
font size small icon font size medium icon font size large icon Share information to Facebook Forwarding information by email Pop-up print setting

Security Policy

A. Purpose

To ensure the smooth operation of information-related processes and to decrease information risks within the Bureau.

 

B. Strategic declaration

In order to secure users by the use of proper authentication procedures to save and retrieve data only within authorized scopes; to have accurate use of information; to prevent information from misuse or malicious conversion or from being changed during processing, transmission, or storage; to ensure proper protection from abuse for intellectual rights and personal data; and to set a priority on the use of simple, easily-remembered processes which correspond to the objectives and services of ISMS, the Bureau has established a strategic declaration regarding information security, as below: Empower smooth and proper information security processes with a primary focus on information security.

 

C. Objectives

  1. According to ISO 17799:2005 and ISO 27001 of the Information Security Management Systems (ISMS), to construct and accumulate experience and capabilities in ISMS.
  2. To adhere to the Financial Data Processing Manual and all related information processing regulations of the Bureau in regard to information processing systems.
  3. To ensure that automatic services follow the regulations contained in the Tax Collection Manual to provide all items of information.
  4. To fulfill the obligation to respect confidentiality stipulated in Article 33 of the Tax Collection Act.


D.Scope

Solid assets, information/data, software, and personnel of the Bureau

A. Information security and maintenance measure

  1. The Bureau utilizes internet intrusion detection systems and fire-walls to monitor internet transmissions and to prevent unauthorized intrusion, damage, or hacking.
  2. The Bureau implements regular intrusion tests and holds information security drills on an irregular basis.
  3. The Bureau updates protection software, runs protection programs which perform repairs, reinstall and update anti-virus programs on an irregular basis, and performs virus scans and virus code renewals on a regular basis in order to provide users with a safe environment while surfing the internet.
  4. The Bureau conducts regular auditing and evaluations of information retrieval and saving systems, including checks on storage security, review of security protection levels, and backing-up of information storage systems.
Last updated:2019-10-09