Information Security Policy (ISMS Basic Policy)
Informetis Co., Ltd. (“the Company”) recognizes that appropriate management of information is an important management issue, and so establishes “Information Security Policy” as our policy on handling information security, and complies with it. The policy covers information that we have obtained and learned from our corporate activities, as well as all information held by the Company.
- Establishment of Information Security Management Organization
The Company establishes Information Security Committee to construct a system that can promptly implement information security measures. We also appoint the chairman of Information Security Committee as “Information Security Management Officer” to execute appropriate management activities.
- Establishment of Internal Regulations
The Company establishes internal regulations on information security, and communicate the specific policies and rules across the company to protect and manage the information assets appropriately.
- Execution of Audit
The Company conducts audit as necessary on the status of compliance with laws, internal regulations, rules, etc., on information security, to verify status of their effective performance.
- Establishment of Personal Information Protection Management System and Continuous Improvement Thereof
The Company develops regulations and systems for handling personal information, establishes and implements personal information protection management system, and continuously applies improvements on them.
- Implementation of Information Security Measures
The company implements security measures from the perspective of organizational, physical, technical and human safety management, and strives to prevent accidents related to information assets, such as unauthorized access, destruction, information leakage, tampering, etc.
- Provision of Information Security Education
The Company continuously provides education and training to all employees to implement appropriate management of information assets.
- Management of Subcontractors
The Company regularly evaluates and reviews aforementioned efforts to implement continuous improvement to the information security management.
Date of enactment: June 1, 2015
Informetis Co., Ltd.
Chief Executive Officer