Proprietary Information Protection
TSMC understands Proprietary Information Protection is the key to maintaining TSMC's current and future competitive advantages. Therefore TSMC not only established its Proprietary Information Protection policy and related regulations to control and manage TSMC trade secrets, but also implemented the management mechanism of PDCA (Plan-Do-Check-Act) to enhance the capability of Proprietary Information Protection and employees' awareness to ensure the best interests of the company, shareholders, employees, customers and suppliers.
|Plan||Establish guidelines, management procedures and regulations|
|Do||Enforce Proprietary Information Protection controls Conduct awareness training and promotions|
|Check||Perform regular audits and handle violations|
|Act||Improve defects to strengthen the capability of Proprietary Information Protection|
In addition, TSMC adopted special security management in IC manufacturing processes to not only comply with customers’ security requests but also passed relevant security audits and certifications. For example, F14A obtained ISO 15408 site security certification in 2016 to provide more secure protection of IC manufacturing process on security products such as chips on identity certification, as well as debit card and credit card for customers. Moreover, TSMC passed all security audits in 2016 from customers to further enhance the trust and partnership between TSMC and customers.
2016 Proprietary Information Protection Enforcement Result
Invited over 1,000 suppliers to six PIP promotion and communication sessions
All newcomers completed Proprietary Information Protection training courses.
Newly created or revised nine Proprietary Information Protection regulations to ensure more robust Proprietary Information Protection.
Over 45,000 employees completed Y2016 Proprietary Information Protection annual refresh e-learning course.
- PIP policy and regulations
- PIP prohibited item rule communication
- Physical security and badge regulations
- Tips for confidential information transmission and sharing
- How to correctly operate computer devices and access networks
- PIP violation case studies and reminders
Conduct PIP audits over two million headcounts monthly
- PIP prohibited item inspection
- Physical access compliance check
- Confidential information handling
- Email handling
Employee PIP violation rate: 1%
Main Cause: individual negligence or failure to comply with PIP procedures.
- Reinforce PIP promotion and communication
- Enhance outgoing email and document printing management
- Review users' access privilege to information