Japanese

Information Security Policy

Basic Policy

  • We will comply with laws and regulations, norms, provisions of contracts with business partners, and rules related to information security, and will establish and implement an information security management system headed by an information security officer.
  • We will clarify the criteria for analyzing and assessing the risk of leakage, destruction, loss, etc. of information assets, establish systematic risk assessment methods, and conduct risk assessments on a regular basis. Based on the results thereof, we will implement necessary and appropriate security measures.
  • We will regularly educate, train and disseminate information to all employees to ensure that they recognize the importance of information security and handle information assets appropriately.
  • We will periodically inspect and audit the level of compliance with the basic policy on information security and the handling of information assets, and will promptly take corrective measures for any deficiencies or areas that require improvement.
  • In preparation for the occurrence of a serious incident that may affect our group’s business operations, we will establish in advance a management framework and handling procedures to minimize damage and will regularly review them to ensure the continuity of our group’s operations. In the unlikely event of an information security threat or serious incident, we will take appropriate measures to minimize the damage, and will quickly determine the cause and work to prevent recurrence.
  • We will continuously review and improve our rules concerning information security and our information security management system.

Adopted on December 23, 2022
Kuroda Group Co., Ltd.