Home » Page

Information Security Policy

1 Establishment of ISMS (ISO 27001)
The Company performs the development of information security management measures related to our business and shall establish the ISMS while taking into account request of the customer, the social demands as well as our business policy

2 Request of the customer
The Company performs the safety management of the information securely and shall endeavor to continue the provision of services of customer-friendly in accordance with regulations and procedures stipulated. In order to meet the customer’s expectations related to our business, the information entrusted by suppliers shall be handled under the supervision of the person responsible.

3 Societal demand
The Company shall comply with the Personal Information Protection Law, the Unfair Competition Prevention Laws, regulations related to information security and other regulations.

4 Request on business
The Company achieves the business objectives of the Company and develop information security management measures for customer satisfaction and shall build the information security infrastructure.

a) Implementation of risk assessment
The Company carries out the systematic risk assessment for proper risk control for information assets to clarify the criteria for assessing the risk. The Company develops appropriate information security management measures based on the results of the risk assessment.

b) Implementation of information security management measures
The Company implement appropriate management measures based on the results of the risk assessment in order to protect the information assets from threats such as leakage, alteration and loss.

c) Prevention and correction of information security incidents and accidents
In the event of information security incidents and violation has occurred, the Company promptly takes appropriate corrective action and shall endeavor to prevent a recurrence to minimize the damage.

d) Implementation of business continuity management
The company deals with the interruption of the Company’s business activities while minimizing the impact on the information assets due to a serious failure or disaster. The company also establishes a framework for business continuity management and create a business continuity plan and the plan shall be tested

5 Review of the basic policy
The Company timely conduct a review of the basic policy based on the changes in the results and the Company’s external environment of the audit.