Governance

The Group considers it its corporate mission to contribute to enhancement of fair capital competitiveness of the clients (the publicly traded companies, investors and market participants) and the growth of the global economy.

To this end, the Group regards the security of its information assets as one of the challenges of corporate management and has formulated a basic policy for information security based on the Cybersecurity Management Guidelines, formulated by the Ministry of Economy, Trade and Industry and the Information-technology Promotion Agency, Japan (IPA), as a benchmark for protecting its information assets.

The Information Systems Department of IR Japan, Inc., a Group subsidiary, acquired certification for The Information Systems Department of IR Japan, Inc., a Group subsidiary, acquired certification for the international standard ISO/IEC 27001: 2013 and for JIS Q 27001: 2014 for information security management systems (ISMS) in August 2019.

The Company will continue to improve the quality of its services through ISMS activities following the basic policy for information security established by the Company, raise the awareness of its clients and contribute to the improvement of information security in the industry as a whole.

To protect the information assets (including personal information) in its possession from all types of threats, the Group takes the necessary measures in terms of confidentiality, integrity and availability.

The Group conducts regular audits of its systems in accordance with the basic policy for information security.

The Group ensures that every employee is fully aware of the necessity of information security and complies with its requirements. It also conducts necessary training programs to ensure the continuation of such activities.

The Group conducts training for protecting personal information and explaining regulations related to insider trading when employees join the Group, regardless of whether they are midcareer or new graduates, and irrespective of their employment status.

In addition, the Group conducts annual information security training for all officers and employees regarding the handling of various types of information, to ensure that they are fully aware of and comply with business rules and to foster a better awareness of information security.