ISMS Information Security Basic Policy

ISMS Information Basic Policy
The first edition
December 1, 2015

For our company, information assets (including information and information system) is the source to generate profit as well as the most important asset for system development, operation, technology development (software), consulting and our company’s other business activities associated with it.
In addition, preventing information security accidents in advance is social responsibility.
Our company handles information assets accurately and safely in order to protect information security threats. We also realizes information security that fits our management strategies, and responds to our clients’ trust.

  1. Our company sets the following security objectives, and surely implement various policies to achieve these objectives.

    Security purpose

    • Respect and comply with contracts with clients and legal or regulation requirements.
    • Prevent information security accidents in advance.
    • Protect information assets from information security threats.
  2. Our company builds/operates the Information Security Management System (ISMS) properly, makes efforts to secure confidentiality, completeness, and availability of important information assets, and continues to improve its effectiveness by expressing management’s intention regarding our company’s actions for information security and clarifying major action guidelines based on that.
  3. Our company installs the information security committee and its chairperson, and has the organizational structure in place necessary for operation.
  4. Our company sets systematic procedures evaluation standard for risk management, and takes proper measures for risks based on risk assessment in order to maintain the acceptable standard for risks of all the important information assets that we handle.
  5. Our company implements education periodically for all the employees in order to improve ISMS maintenance, and measures effectiveness.


第 1 版
2015年 12 月 1 日


  1. 当社は、以下のセキュリティ目的を設定し、この目的を達成するための諸施策を確実に実施する。


    • お客様との契約及び法的または規制要求事項を尊重し遵守する。
    • 情報セキュリティ事故を未然に防止する。
    • 情報セキュリティ上の脅威から情報資産を保護する。
  2. 当社は、情報セキュリティに対する当社の取り組みに関する経営陣の意思を表明し、それに基づく主な行動指針を明確にすることにより、
  3. 当社は、ISMSの運営のために情報セキュリティ委員長と情報セキュリティ委員会を設置し、
  4. 当社は取り扱うすべての重要な情報資産のリスクを受容可能な水準に保つため、
  5. 当社は、ISMSの維持向上のため全社員に対して定期的に教育を実施し、効果を測定する。