PRINCIPAL INFORMATION SECURITY POLICY
In developing Web services and related business activities, information assets (such as information and information systems) are the source for generating profits and the most valuable assets for us. It is also our social responsibility to prevent information security breach incidents.
In order to protect such information assets from information security threats, we intend to handle the information assets in a precise and secure manner, carry out information security measures in line with management strategies, and live up to customers’ trust.
We have set up the following security objectives and will make sure to take various measures to achieve such objectives:
- to honor and comply with contracts with customers as well as legal and regulatory requirements;
- to prevent information security breach incidents; and
- to protect information assets from information security threats.
By expressing our management’s determination in relation to our efforts in the area of information security and clarifying our principal guidelines for action based on such determination, we have developed and operate an Information Security Management System (ISMS) in an appropriate manner, make efforts to ensure the confidentiality, integrity, and availability of significant information assets, and continuously ensure the effectiveness of such assets.
For the administration of the ISMS, we have an Information Security Manager and an Information Security Committee in place and implement an organizational structure that will be required for the operation.
In order to keep risks at an acceptable level with regard to all significant information assets handled by us, we have established systematic procedures and criteria for risk assessment and take appropriate measures against such risks based on the risk assessment.
For the purpose of maintaining and further improving the ISMS, we provide training to all our employees on a regular basis and measure the resulting effect.