1. Info security policy managementFollowing Group/HQ's requirements and Indonesian regulatory policy requirements, set up info security policy in local company, review the process and push execution.
2. IS Risk Control: Based on IS policy to monitor, analysis the IS risk in company operation. To review the business process, operation SOP to ensure no IS risk. To propose improvement plan to eliminate potential IS risk.
3. Complete ISO270001 certification project and cooperate with HQ to set up key info security management rules.
4. Review and revise IS policies from HQ, draft local IS policies and implement.
5. Review business process, SOP, 3rd party contracts for IS risk and data protection.