Basic Policy on Information Security
We believe that information security initiatives are an important management issue in the business activities of SpiderPlus & Co. (the “Company”). The Company has constructed an information security management system (“ISMS”) that conforms to “ISO/IEC 27001:2013,” and will endeavor to protect information assets of customers that are handled by the Company and the Company’s assets, to prevent security accidents, and to continuously improve information security. The Company sets out the below “Basic Policy on Information Security” and declares its execution and promotion in order to respond to the public and customers’ trust.
- Purpose of ISMS
- By preventing information security accidents before they occur, to carry out its corporate social responsibility and aim to realize continuous customer service; and
- If an information security accident occurs, to minimize and promptly recover the damages thereof and to prevent the occurrences of similar accidents.
- To construct an information security system and to organize the establishment and environment of the information security system, and to continuously carry out and improve the ISMS.
- To execute security countermeasures based on risk assessments and to prevent accidents and their recurrence by executing security countermeasures based on risk assessments.
- To carry out education and training and to educate and train officers and employees, and to make known the provisions for improving the awareness of information protection and information management.
- To comply with the laws and regulations and strictly perform the agreements with customers, and to ensure the security of information assets based on internal rules.
- To periodically review and improve the information security management system in order to properly respond to social changes, technological changes and legal changes.
November 1, 2014
SpiderPlus & Co.
Kenji Ito, President & CEO