At Sekisui Kasei Group, we ensure our customers’ information assets are protected by implementing appropriate management procedures based on our information security policy.
To improve information security across the Group, we have set up an Information Security Committee. The committee is responsible for developing and maintaining rules and procedures for ensuring information security, providing regular training and e-learning opportunities to members of the staff and ensuring an improved understanding with regard to the handling of information assets.
Sekisui Kasei Group’s Information Security Policy:
Sekisui Kasei Co., Ltd. (“Company”) aims to become a company in which its stakeholders can place trust. For that purpose, the Company needs to appropriately protect all information assets that the company possesses and prevent any issues related to information security from occurring. To achieve this, we have developed a policy regarding the security of information that the Company holds to be implemented at all Group companies.
2. Purpose of Ensuring Information Security:
The most important reason for the Company to ensure information security is to protect information assets that the Company holds from the risk of accidents, crimes and errors. In addition to these direct benefits, ensuring information security can also produce indirect benefits such as enabling sound and safe operations, facilitating understanding of the importance of information assets and helping develop effective procedures.
3. Basic Principles:
All managing and non-managing members of the Company who handle information assets must comply with the following principles:
1) Handling of Information Assets:
Information assets handled by the Company must be handled appropriately according to the rules regarding information security set out by the Company.
2) Response to Security Incidents:
In case of security incidents, employees must report the occurrence, severity and location of such incident immediately. Each incident must be analysed to reduce the chance of recurrence.
3) Business Continuity Management:
All employees must endeavour to ensure the continuity of business operations, by minimizing the chance of business interruption due to security incidents and disasters.
4) Security Education:
The Company shall offer regular learning opportunities through the provision of handbooks and e-learning materials.
5) Compliance with Laws and Contractual Terms:
We shall comply with laws and contractual terms regarding information security.