Information Security Basic Policy

As a matter of course, we observe social norms such as laws and regulations, we will constantly make efforts to continuously improve the quality management system so that we can satisfy our customers' expectations and needs, and we realize the following.

We will contribute to the local community with the aim of eradicating crime as well as acquiring customer's empathy and support, by seeking trends of the world, by self-growth and human formation, and creating all the values. To that end, we set up an information security basic policy to protect the information assets we deal with from theft, tampering, destruction, leakage, unauthorized access, etc., and practice information security management system based on the following policy.

  1. We established an information security management system that is based on related laws and regulations and contractual requirements with customers; all officers, all employees, and partner company employees comply with this. We will also practice PDCA to continuously improve.
  2. Our information security management system covers all information assets related to our business activities. In particular, we will manage the information customers gave us so that no events such as leaks will occur.
  3. We will organize information assets as information assets inventory, carry out risk assessment, and take safety measures for each business process of important information. In addition, the head office and branch office will establish physical security, secure installation of information equipment, appropriate access control, proper management of documents and media.
  4. We regularly conduct education, training and awareness-raising activities related to information security necessary for all business operations for all employees and partner company employees to improve knowledge and raise awareness.
  5. Employees who violate our security policy are subject to disciplinary action based on employee employment rules, contract employee employment rules and temporary employee work rules
  6. y defining responsibilities and procedures, we prepare for appropriate measures such as preventive measures against "security incidents" and measures to prevent the spread of damage when they arise, we will endeavor to prevent obstacles to continuing business activities.
  7. The president periodically conducts a management review every year and inspects the implementation status of ISMS and gives necessary instructions.

  8. November 1, 2017
    Masatoshi Asaka
    Executive Officer and President
    Nichihou Co., Ltd.