Infosec Advisory, Co., Ltd. is built upon relationships of trust with our clients. To maintain this trust and provide better services, we must implement appropriate security measures for our information assets and protect them from loss, theft, and unauthorized use.
To achieve this, we believe it is most important that employees maintain a high level of security awareness and act in a manner that respects security, in addition to strengthening physical and technical security.
We hereby establish this “Information Security Policy” as a guideline for implementing appropriate protective measures for the information assets we hold and for continuously improving them. All employees, including management, shall understand this purpose and thoroughly understand and comply with the contents of our Information Security Procedures Manual.

【Definition of Information Security】

Information security is defined as maintaining the confidentiality, integrity, and availability of information.

【Scope of Application】

This applies to all information related to business activities under the company's control.

【Appointment and Duties of the Administrator】

The company shall establish an Information Security Committee.
The Information Security Committee shall protect information from unauthorized disclosure, tampering, and service disruption.

【Security Measures】

The company shall implement optimal information security measures according to the information being handled.

【Employee Obligations】

All employees, including temporary staff, shall act in accordance with the “Basic Information Security Policy,” “Information Security Manual,” and “Information Security Procedures Manual.” Violations shall be subject to the Employee Disciplinary Regulations.

【Identification of Information and Countermeasures】

The Information Security Committee shall identify corporate confidential information and privacy-related information.
For the identified information, the most appropriate information security measures shall be implemented for its protection.

【Personal Information Protection】

The company shall manage personal information in accordance with the Act on the Protection of Personal Information and relevant guidelines.

【Confidential Information Management】

The company shall manage customer and company confidential information in accordance with the Unfair Competition Prevention Act.

【Copyright Protection】

The company shall manage copyrighted works in accordance with the Copyright Act.

【Promotion of Information Security】

The Information Security Committee shall promote the company's information security.
The Management Department shall be the department in charge of information security.

【Education】

Awareness and education activities concerning information security shall be promoted by the Information Security Committee with the support of management.

October 1, 2019
Tetsuya Fujita, Representative Director, Infosec Advisory, Co., Ltd.