| 1. Purpose The security policy (hereinafter referred to as “this policy”) is established by Advanced Business Service Co., Ltd. (hereinafter referred to as “our company”) to ensure information security, recognizing appropriate management of information as an important management issue. To that end, we have established a basic policy on information security. |
|
| 2. Disclosure of Security Policy As a company that provides information processing services, we will strictly handle customer information and confidential company information, and will always take appropriate defensive measures against the risk of information leakage. By doing so, we will strive to earn the trust of our customers and related parties. For this reason, we will disclose this policy both inside and outside the company, and declare that we will comply with the “Privacy Policy (Action Guidelines for the Protection of Personal Information (see separate section)”). |
|
| 3. Scope All employees, officers and temporary workers of the Company will comply with this Policy and the Privacy Policy (see separate section). |
|
| 4. Information Security Management System In order to protect and appropriately manage all information assets held by the Company, the Company regularly holds an Information Security Committee attended bu members of the management, and monitors the status of information security management on a company-wide level. We will maintain a system that allows us to quickly implement the necessary security measures according to the understanding and risk analysis. |
|
| 5. Implementation of Information Security Measures In order to prevent incidents of unauthorized access, destruction, information leakage, falsification, etc. related to information assets, we implement an information security organizational structure, take physical measures, technical measures, operational measures, administrative and personnel measures, and accident response measures. In particular, in the event of an incident that compromises information security, we will quickly restore and resolve the situation, and provide our telecommunications business with a high level of reliability and continuity. |
|
| 6. Establishment of Internal Regulations Regarding Information Security The Company shall establish internal regulations based on this policy and the privacy policy( see separate section), and thoroughly disseminate clear policies and rules within the company for the appropriate management of information assets. |
|
| 7. Implementation of Information Security Education We will continue to provide information security education and training to all employees and related parties to improve information security literacy and to properly manage our information assets. |
|
| 8. Appropriate Management of Subcontractors etc. In addition, in order to continue to confirm that these security levels are being properly maintained, we will conduct periodic audits of outsourcing contractors and review management systems. |
|
| 9. Compliance with Laws and Regulations In addition to complying with relevant laws and regulations, the Company strives to thoroughly comply with the rules and regulations established by the Company. If any violation were to occur, it would be dealt with severely, reinforcing our commitment to appropriate information management. |
|
| 10. Information Security Internal Audits We will conduct internal security audits. |
|
| 11. Implementation of Continuous Improvement We will implement the continuous improvement of information security by operating PDCA at the company-wide level. |