eRun Elevates Security Standards and Garners Recognition from SRAA and PIA


In today’s digital age, the significance of information security and user privacy protection has risen to the forefront. Enterprises must ensure the stability, efficiency, and security of their business operations while also prioritizing stringent user privacy protection. eRun fully recognizes the importance of this dual responsibility and, as a result, incorporates measures to mitigate security risks and safeguard personal data privacy into its information security strategies and practices.


By adhering to rigorous security standards, we have achieved significant milestones in our information security practices. We successfully obtained a qualified Security Risk Assessment and Audit (SRAA) report, meeting the strict requirements recommended by the Office of the Government Chief Information Officer (OGCIO). This accomplishment marks a new level in our information security management. Additionally, we have completed a comprehensive Privacy Impact Assessment (PIA) to analyze and minimize potential impacts on personal data privacy. These notable recognitions serve as strong evidence of our commitment to maintaining robust security practices and prioritizing user privacy.


Security Risk Assessment and Audit (SRAA) Report
SRAA, established by the Office of the Government Chief Information Officer (OGCIO), provides a comprehensive framework for rigorous security assessments. This evaluation covers essential areas such as infrastructure security, access control, incident response, and data protection. eRun has achieved success by obtaining the SRAA’s qualified report, showcasing the company’s professional expertise in information security. This accomplishment further demonstrates eRun’s unwavering dedication to upholding stringent security standards, instilling confidence in users and stakeholders alike.


Privacy Impact Assessment (PIA) Report
PIA, based on the Personal Data (Privacy) Ordinance (Chapter 486), conducts a thorough examination of private data flows within business processes and information systems to identify and mitigate potential risks. eRun’s successful attainment of PIA qualified report underscores the company’s steadfast commitment to safeguarding user privacy, ensuring compliance with data protection regulations, and upholding best practices in privacy. It also validates eRun’s adherence to the principles of transparency, informed consent, and secure handling of personal information. In an increasingly data privacy-conscious world, eRun’s PIA qualified report undoubtedly enhances customer trust and solidifies the company’s reputation as a reliable custodian of sensitive information.