Group Information Security Policy

Our activities are guided by a management philosophy that states "The ITHD Group seeks to be a corporate citizen whose activities, namely, the provision of various services utilizing information technology (IT), match its status as a leading corporate group, and will strive to raise corporate value, supported in this effort by the high regard of all its stakeholders, including clients and shareholders as well as employees and their families."
Realization of this management philosophy requires sustained attention to good corporate ethics with regard to information security and meticulous efforts to protect customers' systems and data and other information assets, as well as our own information assets, management resources, from all sorts of risks.
We formulated policy on information security to ensure appropriate safeguards for protecting information assets and remain committed to this policy.

Information Security Management Structure

The ITHD Group benefits from the Group Compliance Committee, a management structure that addresses risks associated with information security on a groupwide basis.
All companies under the ITHD Group umbrella follow the Group Information Security Policy and implement the stated information security management structure as their own.

Compliance with laws and contractual requirements

The ITHD Group respects information security-related laws, especially Japan's Personal Information Protection Law, and regulations, guidelines and contractual requirements linked to information security.

Establishing information security management rules

ITHD handles the establishment of information security rules and management standards for the Group, clearly describes the content to Group companies, and regularly reviews content to ensure suitability to the times.

Preventative measures

ITHD formulates suitable measures for the Group based on the results of risk assessments to protect all information assets entrusted to Group companies by customers as well as the Group's own information assets, management resources, from threats such as loss, mishaps, disasters and criminal activities. If by chance, however remote, an issue does arise, the cause will be identified and measures will be implemented quickly to minimize damage, and efforts will be made to prevent the issue from reoccurring.

Education and training

All executives and employees at Group companies attend education and training sessions designed to raise awareness of the importance of information security and to ensure that information assets are handled properly at each Group company.

Continuous improvement

To confirm that policy is respected, the Group Compliance Committee evaluates the status of the security management system on a regular basis and strives for continuous improvement.

Policy established April 1, 2008

IT Holdings Corporation
President
Susumu Okamoto

TIS Inc.
President
Toru Kuwano

Advantages

Services

Corporate Data