Information Security Policy
Sankyu (including its affiliates; the same applies below) believes that information within the company including personal information is an important asset.
By protecting this information from a variety of security threats inside and outside the company,
and providing a sense of security and reliability to customers while fulfilling our social responsibility,
we will conduct the continuous and stable business operations and increase corporate value.
Sankyu complies with laws and regulations on information security and this Information Security Policy,
and endeavors to maintain an advanced information security management system.
- 1. Appointment of information security manager
- Sankyu will appoint an information security manager who accurately understands the condition of information security on a companywide level, and is able to swiftly and appropriately take the necessary action if there is a problem.
- 2. Establishment of internal rules on information security
- Sankyu will establish internal rules for the protection of information assets and indicate a clear policy on the handling of information assets, in addition to swiftly investigating the details of incidents and taking appropriate action immediately at the direction of the information security manager in the event of an incident such as an information leak
- 3. Raising awareness of information security
- Sankyu will conduct security education and training for employees,
and endeavor to enable employees to conduct business with an awareness of information security.
- 4. Strengthening of outsourcing contractor management system
- Sankyu adequately reviews the information security qualifications, etc.
of outsourcing contractors when outsourcing operations,
and supervises them to maintain the same or a higher security level as Sankyu.
- 5. Scope of Information Security Policy
- The “information assets” covered by this policy is information obtained and learned in Sankyu’s corporate activities, and all information held by Sankyu in the course of business.
Furthermore, this policy shall be followed by Sankyu employees involved in the handling and management of these information assets,
and outsourcing contractors who handle Sankyu’s information assets.
