1. HOME
  2. About
  3. Establishment of a security promotion system

Establishment of a security promotion system

We have established the following security promotion system to identify various threats to information assets and eliminate or minimize damage.

Security Promotion System

The risks surrounding companies are diversifying and changing, including recent cyber attacks. Our company is working to improve security from various angles, including top-down activities at the corporate level, represented by the "Internal Control Committee" established under the Board of Directors, and bottom-up activities at the field level by legal compliance officers.
We also check whether information security rules are being complied with through regular internal audits.
We implement these efforts as a PDCA cycle to continuously maintain and improve our information security level.

As part of our security promotion system, mutual checks are conducted by partner company managers, legal Compliance Department Promoter = General Manager (compliance promoters in each group = group leaders, compliance officers), person responsible for compliance matters, security control departments, executive management board and the board of directors. In addition, audits are conducted by the Auditors & Supervisors, internal audits by the Internal Audit Department, and external audits by external parties.

Security-related company regulations

Our security-related company regulations are organized in a hierarchical structure as basic policies, regulations, and standards.

The relevant basic policies are the Basic Policy on Information Asset Protection Management, the Personal Information Protection Policy, and the Basic Policy on Cybersecurity.The regulations are the Information Asset Protection Management Regulations, the Personal Information Protection Regulations, and the Regulations on Cybersecurity and Cyber Incident Response.The standards include the Information Asset Protection Management Standards, the Personal Information Protection Standards, and the Standards on Cybersecurity and Cyber Incident Response, etc.

Security Training

Even if company rules regarding information security are in place, if employees do not understand the contents of those rules, security cannot be improved. At our company, the security department takes the lead in regularly educating all employees and partner companies about compliance and security, in order to foster an information security mindset.

Company Information