|
Cybersecurity Risk Management and Strategy Disclosure
|12 Months Ended
Dec. 31, 2024
|Cybersecurity Risk Management, Strategy, and Governance [Abstract]
|Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
|The management of the Company is responsible for the
cyber security risk management program as well as to identify, assess, mitigate, and remediate risks and material issues. The Company’s
cyber security risk management program is supervised by our IT manager, who reports directly to the Company’s Chief Operation Officer.
The IT manager and Information Security Personnel are responsible for developing and implementing cybersecurity strategy, policies, standards,
architecture and processes. We also engaged a third-party expert Mr. Kowk Leung MA to provide additional support to our Information Security
Personnel and IT manager whenever needed. Mr. Ma received his Master’s Degree of Industry Based Information Technology from University
of Wollongong Australia and is a Microsoft Certified Solution Developer (MCSD) and he has extensive experiences in development of IT application
systems and support, including retail system, inventory control system, ERP development and accounting system integration with various
system, stock broker ordering system, stock mobile phone ordering, and garment’s color size assortment system, network planning
and firewall setup. Mr. Ma is familiar with operation system/server such as Novell, DOS, Windows 98, Windows ME, Window NT, Window
2000 Server, Window 2003 Server , Windows XP, FTP, IIS and Linux and he is also familiar with Database system such as MS SQL server ,
MySQL Visual Foxpro Database, Foxbase, Dbase III and Dbase IV and Tools or computer language familiar such as Clipper, Dbase, Foxbase.
Pascal, C, Visual Foxpro, Visual Basic, VB.Net, Visual C++, Com+, Crystal Report, UML.
Our Information Security Personnel reports to IT manager and is responsible for coordinating and managing the response to reported weaknesses or events, including documentation, evidence collection, and event closure. He also ensures the incident response plan is regularly updated based on experience, lessons learned, and industry developments, while providing necessary training to employees involved in the procedure.
The IT Manager plays a key role in defining strategies and procedures for cyber incident response, leading the incident response team, and overseeing detection, response, and recovery efforts. He also ensures the regular review and update of the incident response plan based on lessons learned and emerging threats.
The Information Security Personnel reports any substantial threats, risks, and incidents to the IT manager. Subsequently, the IT manager will escalate the report to the Chief Operating Officer, if necessary, who will then report it to the Board for any material threats or breaches.
The Company has set up the password requirement, control of authorization on a need-to-know basis, categorize sensitive information so that they can be managed and transmitted at different security levels.
The Company has adopted “Cyber Incident Response Plan Policy” so that suspicious activities or incidents can be quickly identified and reported through the system to the management team.
To oversee and identify risks from cybersecurity threats associated with our use of third-party service providers, we maintain third-party risk management efforts designed to help protect against the misuse of information technology and security breaches.
Other than those, the Company currently does not have processes to oversee and identify the risks from cyber security threats associated with its use of any third-party service provider.
As of date of this report, there has been no cybersecurity incidents which have materially affected the Company yet.
|Cybersecurity Risk Management Processes Integrated [Flag]
|true
|Cybersecurity Risk Management Third Party Engaged [Flag]
|true
|Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]
|false
|Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]
|true
|Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]
|The Company has adopted “Cyber Incident Response Plan Policy” so that suspicious activities or incidents can be quickly identified and reported through the system to the management team.
|Cybersecurity Risk Management Positions or Committees Responsible [Flag]
|true
|Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
|The IT manager and Information Security Personnel are responsible for developing and implementing cybersecurity strategy, policies, standards, architecture and processes.
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef
|X
- References
+ Details
Reference 1: http://www.xbrl.org/2003/role/presentationRef