LG Electronics conducted training on information security and personal information protection for domestic and overseas employees. The training was provided in 14 different languages to increase effectiveness for overseas employees and organized into sessions on information security practices, understanding personal information protection, and management issues at each stage of personal information lifecycles.
As part of our efforts to create an information security environment that facilitates Win-Win Growth, LG Electronics conducts regular assessment and training for information security. Of our suppliers, five that produce design models and require a high level of information security completed the certification process for their industrial security management system in March 2013.
The Industrial Security Management System Certification, issued by the Korean Association for Industrial Technology Security, is awarded to businesses that hold the rights to industrial technologies and have in place preventative measures against improper information leaks and asset loss from a wide range of disasters for each of their production processes. Businesses are evaluated on over 300 items from 65 criteria in 5 areas (general management, physical infrastructure, technical infrastructure,responsiveness to security breaches, and security knowledge management) for the certification.
As part of our efforts to promote systematic protection of customers’ personal information, LG Electronics acquired the Personal Information Management System (PIMS) certification in December 2012. Also, LG Electronics is making a wide range of efforts to effectively prevent information breach and respond to compliance requirements, such as establishing control measures against information leaks and judiciously complying with the legal requirements prescribed by countries. LGE also requires all its business sites, Korean and overseas, to carry out risk management activities based on the list of requirements issued by HQ, while assessing their performance on a semiannual basis. The assessment results are reported to top management and follow-up measures are implemented. We are responding effectively to compliance risks by carefully managing risks commonly shared by our business sites in Korea and overseas.
LG Electronics has established a personal information impact assessment system to prevent compliance risks associated with related laws and regulations and to systematically and automatically manage personal information data and associated risks at a corporate level. With the system in place, we have the infrastructure to prevent non-compliances and information breaches, and to manage personal information systematically at a corporate level, thereby minimizing risks as well as potential damages.