TIS INTEC Group Information Security Policy
Our activities are guided by a management philosophy that states "The TIS INTEC Group seeks to be a corporate citizen whose activities, namely, the provision of various services utilizing information technology (IT), match its status as a leading corporate group, and will strive to raise corporate value, supported in this effort by the high regard of all its stakeholders, including clients and shareholders as well as employees and their families."
Realization of this management philosophy requires sustained attention to good corporate ethics with regard to information security and meticulous efforts to protect customers' systems and data and other information assets, as well as our own information assets, management resources, from all sorts of risks.
We formulated policy on information security to ensure appropriate safeguards for protecting information assets and remain committed to this policy.
Information Security Management Structure
The TIS INTEC Group has established and maintains a management system to addresses all manner of information security risks on a group-wide basis.
All companies under the TIS INTEC Group umbrella follow the Group Information Security Policy and implement the stated information security management structure as their own.
Compliance with laws and contractual requirements
The TIS INTEC Group respects information security-related laws, especially Japan's Personal Information Protection Law, and regulations, guidelines and contractual requirements linked to information security.
Establishing information security management rules
The TIS INTEC Group handles the establishment of information security rules and management standards for the Group, clearly describes the content to Group companies, and regularly reviews content to ensure suitability to the times.
The TIS INTEC Group formulates suitable measures for the Group based on the results of risk assessments to protect all information assets entrusted to Group companies by customers as well as the Group's own information assets, management resources, from threats such as loss, mishaps, disasters and criminal activities. If by chance, however remote, an issue does arise, the cause will be identified and measures will be implemented quickly to minimize damage, and efforts will be made to prevent the issue from reoccurring.
Education and training
All executives and employees at Group companies attend education and training sessions designed to raise awareness of the importance of information security and to ensure that information assets are handled properly at each Group company.
To confirm that policy is respected, our information security management system undergoes regular evaluation and continuous improvement to ensure compliance with this policy
July 1, 2016
Policy established April 1, 2008 and revised July 1, 2016