Sound risk management is the basis of corporate sustainable development. By means of risk controlling and managing process, GIGABYTE first identifies 8 risk dimensions, including operation, finance, innovation, and information security, etc. Further, the potential impact scope of each risk is determined and the risks are assigned to responsible units for sound risk management measures based on their professionals and practical experiences in related fields.
Risk Management and Control Process

Measures of Risk Identification and Management

Information Security Management
In keeping with the GIGABYTE philosophy of “Upgrade Your Life”, corporate information security governance has been introduced to our continued pursuit of corporate sustainability. The Information Security Committee was set up to devise an information security policy and management framework that takes international standards, regulatory requirements, privacy protection, risk management and crisis management into account. A total approach to information security management, planning, oversight and execution has been put into place. The Committee also reports regularly to the President on information security management activities and overall effectiveness of information security management organization.
Governance Organizational Framework

Management Goal and Outcome in 2022

- Conduct vulnerability scanning and penetration testing to systematically and comprehensively verify security defense capability.
- Carry out a drill in information security incident notification and response to fulfill responsibility division and improve handling proficiency.
- In response to the rising number of BEC incidents, build anti-fraud email protection measures in systems, conduct information security education and training to 711 employees, and implement social engineering drills 2 times with a total of 4,795 person times involved.
- Establish high-security protection mechanisms and introduce multi-factor authentication (MFA) to ensure information operations are secure and accurate while employees work from home during the COVID-19 pandemic.
- Establish a cybersecurity joint defense platform for the supply chain.
- Home
- From the Chairman
- Commitment to CSR
- Stakeholder Engagement
- Material Topics
- SDGs
- Corporate Organization
- Code of Conduct
- Risk Management
- Supply Chain Management
- Tetralogy of Supply Chain Engagement
- Conflict Mineral
- Environmental Management Policy
- Climate Action
- Eco-friendly Product
- Extended Product Responsibility
- Recycling Information
- Green Action
- Sustainability/Environmental Education
- Green Activities
- Working Holiday
- Corporate Volunteering
- Go Green Taiwan
- Make Earth Green Again
- Tree Map
- Overview/Core Concept
- Rooftop Farm
- Ecology Photo Competition
- Certification
- Talent Management
- Education and Welfare
- Occupational Safety
- Health Care
- Upgrade Your Life
- Social Inclusion
- CSR Milestone
- Economic Aspect
- Environmental Aspect
- Social Aspect
- CSR Report