Sercomm’s corporate social responsibility reports received international third-party certification for 4 consecutive years, fully exhibiting Sercomm’s effort in corporate social responsibility.
Moreover, Sercomm won the “Most Committed to the Highest Governance Best Standards” and “Most Committed to Environmental Stewardship” from FinanceAsia, being the only networking company in Taiwan to receive these esteemed accolades. This is also Sercomm’s fifth consecutive year to win the awards, which highlights our achievements in stable operation and sustainable development
Sercomm supports the development direction of SDGs, matches the company’s sustainable actions with the goals of SDGs, takes actions on key issues, and concentrates resources on areas that can have long-term impact. In the future, the company’s medium and long-term sustainable direction will focus on seven goals as below.
Sercomm is strictly in compliance with the RBA (Responsible Business Alliance) code of conduct to ensure the implementation of the policy as well as the assessments conducted on labor, health & Safety, environmental , ethics, and management system and etc. We have been actively participating in 3rd party RBA audit across all our global manufacutringl sites.
As an Affiliate Member of the Responsible Business Alliance (RBA), Sercomm fully supports the vision and goals of the RBA:
Vision
A coalition of companies driving sustainable value for workers, the environment and business throughout the global supply chain.
Mission
Members, suppliers and stakeholders collaborate to improve working and environmental conditions and business performance through leading standards and practices. Sercomm commits to progressively align its own operations with the provisions of the RBA Code of Conduct and to support and encourage its own first-tier suppliers to do the same. Wherever possible, Sercomm will seek to adopt the RBA approach and tools in practical ways in the spirit of the industry's common goals.
We’ve also participated in more RBA program such as JAC (Joint Alliance for CSR) which is an association of telecom operators aiming to verify, assess and develop the Corporate Social Responsibility (CSR) implementation across the manufacturing centres of important multinational suppliers of the Information Communication Technology (ICT) industry.
Sercomm strictly demands that the suppliers should comply with the environmental protection requirements with respect to the raw materials, packaging, or emission of pollutants used by the suppliers. The suppliers shall undertake and warrant that their products are free from any “Environmentally Forbidden Substance” and also provide the following information:
- Environmentally controlled substance test and report of the product‧Knowledge and collection of the information related to materials and components
- Collection of the information about toxicity and restriction (Material Safety Data Sheet, MSDS) on related chemical
- Presentation of the suppliers’ management system review result
The Sercomm banned and restricted substances listSupplier relations: audit@sercomm.com
Sercomm PSIRT
Sercomm Product Security Incident Reponse Team (PSIRT) receives, handles, and discloses security vulnerabilities related to Sercomm's products and solutions, and is the only channel to disclose vulnerabilities. Sercomm encourages researches, industry organizations, and providers to report security vulnerabilities related to our products to Sercomm PSIRT. Please include but not limited to the following information in your email for verifying a vulnerability:
- Affected products and versions (including product names, types, version numbers, origins, and locations)
- Detailed description (technical details such as system configurations, proof of concent, how the vulnerability was found, specific tools or techniques used, and impacts of exploiting the vulnerability)
- Exploitation (whether the vulnerability) has been explited, and whether the explitation is publicly available)
- Contact information of the reporter
Please contact us by sending an email to PSIRT@sercomm.com
- Get a hold of the information on threats to information security and its protection technology
- Breach of information security and how it was handled
- Educational training and promotion on cases of information security
- Periodic evaluation for information contractors
- Corporate information security risk evaluation
- Information security risk evaluation and formulate incident management procedures
- Compliance with international standards (ISO/IEC 27001)
- Defining confidential and sensitive information and data encryption
- Ongoing monitoring of information security
- Period scan of vulnerabilities
- Simulation on penetration tests of systems
- Check on confidential information and risk evaluation
- Disaster recovery simulation
- Receive international certification for information security
- Physical and environmental safety
- Labor resources security
- Network communications security
- Access control and management
- Information security incidents management
- Ongoing management of the operation with respect to information security
- Data security
- Management on supplier security
- Identification of information security regulations
The supervisor or designated personnel of each risk management unit shall be responsible for the second line responsibility management of related businesses, clearly grasps the effective implementation of various risk regulations, allocates limited resources efficiently to related risk management work, proposes countermeasures and recovery plans when risk incidents are discovered, and consults external experts as needed, and implements additional relevant internal regulations after reporting to the operation and management committee for resolution.
Comments from the stakeholders will drive Sercomm’s continuous growth. In order to prevent Sercomm’s development from deviating from the stakeholders’ expectations, Sercomm works hard to fulfill its social responsibility as a corporate citizen.
By virtue of the four steps– Identification, Prioritization, Validation and Review–Sercomm completes the identification of topics concerned by the stakeholders, prioritization of such topics, validation of important considerations, and review of availability of information, as the important bases for the contents given herein and the response to the stakeholders and as reference for the future sustainability implementation policy.
The supervisor or designated personnel of each risk management unit shall be responsible for the second line responsibility management of related businesses, clearly grasps the effective implementation of various risk regulations, allocates limited resources efficiently to related risk management work, proposes countermeasures and recovery plans when risk incidents are discovered, and consults external experts as needed, and implements additional relevant internal regulations after reporting to the operation and management committee for resolution.
Sercomm has established the “Employee Code of Conduct” and “Procedures for Handling Internal Material Information” as the guides for employees to execute the business activities. The Code consists of the general provisions, relationship with customers and suppliers, and conflict of interest. The general provisions cover Sercomm’s corporate ethical management policy. Sercomm organizes the orientation training, general education training and management development training periodically in order to propagate the corporate ethical management policy.
Sercomm is committed to enhance the timeliness and transparency of information disclosure. It discloses its financial and business information on MOPS, and also holds the investors’ meeting semi-annually. Sercomm attends the investors’ forum and investors’ meeting organized by domestic/overseas securities firms from time to time in order to present the financial figures and business performance already disclosed and to strengthen investors’ knowledge about the Company’s financial business information