For us, information assets (information and information systems, etc.) are the source and most important asset for generating profits in system development work and our business activities.
We recognize that preventing information security incidents is our social responsibility.
We hereby declare that in order to protect information assets from information security threats, we handle information assets accurately and safely, realize information security in line with management strategies, and respond to customer trust.
1.We set the following security objectives and will implement various measures to achieve these objectives.
[Security objectives]
・ Respect and comply with contracts with customers and legal or regulatory requirements.
・ Prevent information security incidents.
・ Protect information assets from information security threats.
2.By expressing management’s intention regarding our approach to information security and clarifying the main action guidelines based on it, we will properly construct and operate an information security management system (ISMS) to ensure the confidentiality, integrity, and availability of important information assets and ensure their effectiveness continuously.
3.We will establish an information security manager and an information security committee for the operation of ISMS, and establish the necessary organizational structure for its operation.
4.In order to keep the risk of all important information assets handled at an acceptable level, we will establish systematic procedures and evaluation criteria for risk assessment and take appropriate risk countermeasures based on risk assessment.
5.We regularly educate all employees and measure their effectiveness to maintain and improve ISMS.
6.We will periodically evaluate and review the information security basic policy, related rules and management system, and strive to continuously improve information security.
August 1, 2017
Comway Co., Ltd.