Information security risk management framework

The Company, in accordance with applicable regulations, has appointed an Information Security Officer and dedicated information security personnel. These individuals are responsible for periodically leading risk assessments of core information systems and formulating improvement plans based on the assessment results. The risk assessment results and improvement plans are submitted to the President for approval before the implementation.