The Group considers it its corporate mission to contribute to enhancement of fair capital competitiveness of the clients (the publicly traded companies, investors and market participants) and the growth of the global economy. To this end, the Group regards the security of its information assets as one of the challenges of corporate management and has formulated a basic policy for information security based on the Cybersecurity Management Guidelines, formulated by the Ministry of Economy, Trade and Industry and the Information-technology Promotion Agency, Japan (IPA), as a benchmark for protecting its information assets.
The Group will comply with laws, regulations and various official guidelines regarding information security, including cybersecurity.
To protect its information assets, the Group has established an information security system, including cybersecurity, and has designated a person responsible for cybersecurity. In addition, the Group requires outside contractors to ensure appropriate information security following the basic policy for information security.
The Information Systems Department of IR Japan, Inc., a Group subsidiary, acquired certification for the international standard ISO/IEC 27001: 2013 and for JIS Q 27001: 2014 for information security management systems (ISMS) in August 2019.
The Company will continue to improve the quality of its services through ISMS activities following the basic policy for information security established by the Company, raise the awareness of its clients and contribute to the improvement of information security in the industry as a whole.
To protect the information assets (including personal information) in its possession from all types of threats, the Group takes the necessary measures in terms of confidentiality, integrity and availability. The Group conducts regular audits of its systems in accordance with the basic policy for information security.
The Group periodically evaluates and reviews the basic policy for information security and related rules and management systems, and strives to continuously improve its information security activities.
The Group ensures that every employee is fully aware of the necessity of information security and complies with its requirements. It also conducts necessary training programs to ensure the continuation of such activities.
The Group conducts training for protecting personal information and explaining regulations related to insider trading when employees join the Group, regardless of whether they are midcareer or new graduates, and irrespective of their employment status. In addition, the Group conducts annual information security training for all officers and employees regarding the handling of various types of information, to ensure that they are fully aware of and comply with business rules and to foster a better awareness of information security.
The Group ensures that every employee is fully aware of the necessity of information security and complies with its requirements. It also conducts necessary training to ensure the continuation of such activities.
The Group always anticipates the possible occurrence of information security incidents, takes appropriate management measures and devises policies for prevention, prompt response and correction.
|Name of organization
|IR Japan, Inc.
|Name of division
|Information Systems Department
|Scope of certification registration
|Operations of the Information Systems Department
|Certification standards acquired
|ISO / IEC 27001: 2013, JIS Q 27001: 2014
|ANAB (ANSI National Accreditation Board)
|August 3, 2019
|Audit registration organization
|BSI Group Japan K.K.
IS 709550 / ISO 27001