Enacted on December 1, 2001
Revised on October 1, 2006
The Corporation’s business activities are founded on a relationship of trust between itself and its customers. Consequently, our business activities are built on establishing and preserving the confidentiality, security and availability of information-based assets and the provision of secure services. The Corporation’s basic policies on information security are outlined below.
- Risk Management Committee determines company-wide risk management policies and is responsible for promoting that policies. It strives to properly protect information-based assets, and to this end has three subcommittees. These are the Compliance Committee, for promoting, compliance with laws and regulations; the Personal Information Protection Committee, for the protection of personal information; and the Information Security Management System Committee, for promoting information security.
- The Corporation’s information security policy consists of this basic policy on information security and standards related to information security. All executives and employees shall observe such policy and standards and participate in their implementation.
- The Corporation recognizes as information-based assets all personal information, technical information and sales-related information handled in the course of conducting its business, as well as machinery, equipment and systems used to handle this and other information. The Corporation shall protect all such assets.
- The Corporation recognizes the risks posed by the significance, threat and vulnerability of information-based assets and devises appropriate security information measures in accordance with such risks. The Corporation constantly reviews and checks the implementation of such information security measures.
- In undertaking corporate activities, all executives and employees shall comply with laws, standards and guidelines pertaining to information security and the Corporation’s information security policy.
- The Corporation conducts education and training so that all executives and employees recognize the importance of information security and maintain the skills necessary to contribute to the achievement of goals.
- The Corporation ensures business continuity in order to provide safe service to our customers.
- In the event that an employee of the Corporation violates internal rules on information security, the employee shall be subject to disciplinary action in accordance with the employment regulations.
- The Corporation has established a contact point for prompt response to issues and trouble related to information security.
- The Corporation reviews its information security policy on a regular basis as a means of maintaining the proper and appropriate protection of information-based assets. Such reviews are done to reflect laws and other standards, the results of audits of information security measures and other relevant business conditions.
President ＆ Representative Director