Information Security Policy
ES-CON Japan Ltd. (hereinafter the “Company”) recognizes the protection of information assets such as personal information owned by the Company from the threat of leakage, loss, falsification, disappearance, etc. as an important issue in management and has established the basic policy related to information security to make such efforts throughout the Company.
1. Development of Management System of Information Security
The Company established a safe information security management system by making all executives and employees (including temporary workers) using the information assets owned by the Company understand the Basic Policy on Information Security, comply with laws and regulations concerning information security and other norms and appropriately protect information assets.
2. Deployment of Personnel Responsible for Information Security
The Company shall assign personnel responsible for controlling information security to accurately grasp the status of information security control and make it function continuously and effectively.
3. Development of Internal Rules Concerning Basic Policy on Information Security
Based on the Basic Policy on Information Security, the Company shall develop the internal rules concerning handling of information assets and make sure that all executives and employees are informed about a clear policy.
4. Compliance with Laws and Regulations
The Company complies with real estate-related laws and regulations, the Personal Information Protection Act, laws and regulations concerning information security and other norms, guidelines, internal rules, etc.
5. Evaluation of the Risk of Information Security
The Company shall establish a system to understand, distinguish and evaluate the risks on information assets and realize an appropriate management system in accordance with the purpose of use and importance of information assets.
6. Implementation of Information Security Measures
The Company secures confidentially, integrity and availability of information assets by implementing reasonable information security measures against specific threats and making efforts in safe control of information assets.
7. Education for Improving Information Security
The Company provides education on security to all officers and employees to make sure that the obligations of all officers and employees concerning the protection of information assets are informed and to maintain and improve the security level for protecting information assets.
8. Response to Information Security Accidents
In the case of an information security accident, the Company strives to promptly handle the accident and prevent the spread of the disaster as well as prevent the recurrence of such accidents.
9. Measures Against Violation of Basic Policy on Information Security
In the case of a violation of the basic policy on information security, the Company shall make sure that everyone inside and outside the Company take it seriously.
10. Development and Implementation of Self-Inspection and Monitoring
The Company intends to improve effectiveness and reliability of information security by developing a periodic self-inspection system and conducting daily monitoring of the management and operational status of information security.
September 23, 2017
ES-CON Japan Ltd.
President Takatoshi Ito