Information Technology Risk Management

Plan B Media Public Company Limited provides computer network to facilitate employees to perform their duties for the organization. Usage authorization on the computer network is undertaken properly and efficiently to prevent against potential problems from inappropriate use of the computer network. To ensure that employees under employment contracts and external parties understand their roles and responsibilities and to minimize risk from theft, fraud, misuse of confidential information and improper use of devices, the Company set out relevant rules and practices for the use of computer and network systems. These rules and practices allow contracted employees and external parties to be aware of threats and issues related to security and their responsibilities including those which are obligated by laws as well as to learn and understand security and safety policy of the organization. This is to mitigate risk that may arise from mistakes made on duty.

The Company established a cybersecurity task force to ensure that its IT systems are under proper internal control with stability and safety while confidential information of the Company and other persons is protected. In addition, the Company is responsible for setting policies and guidelines on system usage that are internally consistent and aligned with business strategies.

Policy

The Company manages IT risk according to IT security policy and practice which are applied to Plan B Media Public Company Limited including all directors, executives, employees and external service providers who are authorized to access IT information at each level of confidentiality.