The corporate philosophy of Nicosys Co. Ltd. (hereafter referred to as "the Company" ) is to fill the world with smiles through our IT operations.The information assets the Company handles in its operations, including customer information, are extremely important as the management foundation of the Company.We establish this basic Information Security Policy to fulfill our social mission as a company to protect the information assets of clients and the Company that we handle in the course of our business, from various threats (risks of leakage, damage, loss, etc.).
1. Scope of Application
All employees and officers shall comply with this policy and fulfill their designated duties and responsibilities.
2. Implementation of Measures
We will fully implement measures to ensure the security of the information assets we handle in our business and will always give top priority to efforts preventing risks of loss, destruction, falsification, and leakage of information. In particular, in the event of a breach of information security, we will quickly work on restoration and resolution to maintain the trust.
3. Maintaining and Improving the Management System
We will continuously make risk assessments of information assets from multiple angles considering technological developments and changes in the business environment. In addition, we will maintain and improve information security by reflecting it in our information security policy and various measures based on the policy.
4. Appropriate Management of Outsourcing Providers
When outsourcing a whole or part of the work, we will fully review the appropriateness of the agent as an outsourcing provider by agreeing on a contract to maintain the security level needed.
5. Compliance with Laws and Regulations
We will comply with laws, regulations, and other norms related to information security. We will ensure appropriate information management by taking strict actions against violations.
6. Responsibility and Authority, Conducting Education and Training
We will establish an information security system led by our officers and clarify the authority and responsibility regarding information security. In addition, we will also hold education and training sessions regularly to train all employees on the importance of information security and to ensure the proper handling of information assets.
7. Corrective Action
Regular inspection and audits shall be conducted regarding the status of compliance with the Information Security Policy and handling of information assets. Corrective actions shall be taken promptly for any deficiencies or items that need improvements.
Enacted February 1, 2022 Nicosys Co. Ltd. Daisuke Kubota