Information Security Policy
PKSHA Technology Inc. (hereinafter referred to as "PKSHA") has a mission to shape the software of the future, and the information assets we handle in our business, including our clients' valuable information, are extremely important to us as the foundation of our business. PKSHA recognizes the importance of protecting such information assets from risks such as leakage, damage, and loss, and all employees, including directors and employees, shall comply with this policy and practice activities to maintain information security, including confidentiality, integrity, and availability of information assets.
- 1. To protect information assets, we will establish and follow an information security policy and comply with laws, regulations, and other rules related to information security, as well as the terms of our contracts with our customers.
- 2. We will clarify the criteria for analyzing and assessing the risk of leakage, damage, loss, etc. to information assets, establish a systematic risk assessment method, and conduct risk assessments on a regular basis. Based on the results, we will implement necessary and appropriate security measures.
- 3. We will establish an information security system led by a director in charge, and clarify the authority and responsibility for information security. In addition, we will regularly educate, train, and enlighten all employees to ensure that they recognize the importance of information security and handle information assets in an appropriate manner.
- 4. We will periodically inspect and audit the status of compliance with the Information Security Policy and the handling of information assets, and promptly take corrective action for any deficiencies or improvement items found.
- 5. We will take appropriate measures against the occurrence of information security events and incidents, and in the event of such incidents, we will establish a response procedure in advance to minimize damage, and in the event of an emergency, we will respond promptly and take appropriate corrective measures. In addition, we will ensure business continuity by establishing a framework for the management of incidents, especially those that could disrupt business operations, and by regularly responding to, testing, and reviewing such incidents.
- 6. establish and implement an information security management system that sets forth goals to realize our basic philosophy, and continuously review and improve the system.
March 1, 2008 Established
PKSHA Technology Inc.
Representative Director Katsuya Uenoyama