As the trend of digital governance becomes increasingly emphasized, account management is not only related to administrative efficiency but is also a core component of information security defense. Effective account inventory and change control help prevent unauthorized access and the risk of residual permissions; it also ensures that access to each system matches users’ identities and responsibilities. To implement account lifecycle management and strengthen access control, TDCC has established an account management mechanism, which specifically covers the procedures for account application, activation, deactivation, and deletion. Additionally, each department is required to periodically review the usage of accounts under its control and remove idle or unused accounts to maintain consistency between account assignments and actual job requirements. This is to ensure the enforcement of the principle of least privilege. As corporate internal systems and the number of users continue to expand, establishing a transparent, traceable, and standardized account management process has become a crucial foundation for enhancing information security governance and operational effectiveness.

To implement the above account management mechanism and improve execution performance, TDCC continues to conduct periodic account reviews as a key measure for managing permission to information systems. This operation aims to ensure that user accounts align with actual job requirements. Besides, lifecycle management tasks, such as account application, activation, deactivation, and deletion, are conducted in accordance with regulations. The account inventory covers all company information systems, with the total number of accounts exceeds 22,000, spanning across multiple application platforms. In the past, the operation required IT and business departments to manually compile account lists and deliver them in paper form for sequential user and supervisor signatures. This process was not only complicated to track but also increased management risk and administrative cost.

Given the issues encountered with traditional account review operations, TDCC in recent years has used Business Process Management (BPM) system as the core structure to implement the Administrative Form Approval Platform. The platform features functions such as process design flexibility, form dispatch, and approval tracking to promote the standardization and digitization of administrative tasks. The first implemented application module focused on the account review operation. Online distribution and centralized management have replaced the traditional method of circulating paper account lists one by one, which has effectively shortened the processing time and also enhanced data integration, progress tracking, and audit capabilities.

With the introduction of the Administrative Form Approval Platform, the account review operation has achieved complete digitalization, and its processes have become significantly optimized. The primary outcomes are as follows:

• Transformation of Operational Method

The method has transformed from traditional paper circulation to online dispatch and approval. The platform can notify multiple account users for confirmation simultaneously, eliminating the need for waiting and sequential delivery.

• Automatic Generation of Account Lists

After accounts are initially imported, any subsequent change applications through the platform are automatically updated in the system. Each time the review is initiated, the most up-to-date account list can be generated instantly, saving manual consolidation time.

• Account Data Comparison Function

The platform provides an account discrepancy comparison function. Before starting the review process, the access control personnel of each department compare the account information data exported from the platform and the actual system to conduct a preliminary confirmation of consistency, and initiates the review process, which is to be completed by the end users. This ensures data accuracy.

• More Flexible Manpower Allocation

The old process required approximately 18 people per month each year. After integration, the new method only needs about 5 people per month from IT maintenance support per year. This enables the workforce to shift toward higher-value-added tasks.

• Significant Reduction in Processing Time

The time required for each operation was reduced from 2–3 months to 1–2 weeks, creating an over 70% increase in process efficiency.

• Centralized and Transparent Data Management

All account data and approval records are stored on the platform, providing real-time inquiry capabilities and complete traceability. This effectively supports information audits and access control.

• The display of concrete ESG Implementation

Each account review operation saves approximately 1,000 sheets of paper, leading to the implementation of paperless operations.

In the future, the Administrative Form Approval Platform will continue to expand its application scope to include more administrative processes. The platform will also gradually integrate various form approval operations into a single system, improving consistency in IT operations and overall management efficiency. At the same time, with its high scalability, the platform can provide more electronic approval functions based on actual needs, further promoting the standardization of administrative processes and digital transformation. Subsequently, related operations will be introduced by the implementation process, further strengthening the foundation of digital governance and advancing toward the long-term goals of smart administrative operations and standardized information governance.