資訊安全部 Security & IT Governance BCP

• Communicate with all business departments.
• Plan, implement, maintain the procedures and related document(BIA) to meet Group or regulatory requirements
• Assessment if any continuity risk.
• Report and communicate with APAC and Head-Office related situation
• Drills arrangement including CMT
• The set-up of the governance needed for the system’s oversight and coordination,
• Compliance with the normative framework for Business and Information Continuity,
• The identification and forwarding of the risks burdening Cardif TW VIE’s continuity,
• The proposal of strategies and their validation by the executive management,
• The identification of critical activities and the consolidation of continuity needs, that will be validated by the governance body,
• The roll-out and maintenance of the appropriate solutions,
• The organization of regular exercises, verification of the operational nature of the solutions, definition and follow-up of the improvement plans, as relevant,
• The set-up of a training and awareness plan for Cardif TW VIE employees,
• In case of a continuity crisis, raises the alarm and must ensure feedback and a follow-up of the improvement plans, as relevant.

2. IT continuity Plan management (ICP)

• Ensures and governance IT department to have proper testing (including unitary test) to compliance with Group and regulatory requirements
• Ensures and governance IT continuity plan is well prepared to comply with services resilience.
• Provide dashboard to HO quarterly.
• Application systems inventory management.

• Deploy, maintain system access rights onto Group solution
• Monitoring all kinds of access rights, including CyberArk privilege accounts.
• Follow-up and track the progress of the audit issues raised, to ensure the issues to be closed in time, and the controls are effectives eliminate the risks.

4. Adhoc tasks assigned.

Qualifications: