Basic Policy for Information Security
I.T. Plan Corp (hereinafter, “our company”), recognize that maintaining information security is a significant management matter and that it’s essential for us to lecture appropriate security measures and proceed protecting the customer information and other information assets that our company handles as part of our business operations.
Our goals are to protect confidentiality, integrity and availability of each information asset and prevent from incidents associated with information security assets, such as the leakage and falsification.
For these purposes, the following guiding principles for information security are enforced.
- In order to achieve establishment of and continual improvement of the information security management system, we clarify information asset risks based on the regulated drills and execute appropriate risk measures.
- We clearly regulate roles as well as responsibilities for information security and manage information assets properly.
- In order to ensure that all persons who handles our information assets, including our company’s executives and employees be aware of the responsibility for protecting these information assets, we conduct education and raise awareness of information security.
- We audit and record running information security management systems and periodically implement internal audits and thus enhance operational certainty and carry out the periodical improvement through the establishment and the achievement of information security purposes and management feedback.
- In the event of any information security incident, we will immediately investigate the cause, minimize the damage, and strive to ensure business continuity.
- We will comply with laws and other social norms, and contracts with customers regarding the information assets and handling of the same.
Revised September 1, 2020
I.T. Plan Corp.
President and CEO