For our company, informational assets (information and information systems) are our resources for making profits through our business activities, as well as the most valuable assets. The prevention of information security failure is also a social responsibility.
We will handle informational assets securely and safely to protect them from information security threats so that we ensure the information security in accordance with our corporate strategy and gain trust from our customers.
- We hereby present the determination of our board of directors regarding their initiatives for information security and clearly provide the primary action policy, whereby we properly structure and operate the information security management system (ISMS), endeavor to ensure the confidentiality, integrity, and availability of the important assets, and assure their validity continuously.
- We are appointing an information security chief manager and setting up an information security committee for the operation of ISMS and structure our organization so that it is capable of operating ISMS.
- We stipulate a systematic procedure and criteria for risk assessment in order to keep the risks for all important assets in our possession at a controllable level and implement appropriate measures against the risks based on effective risk management.
- We provide education to all our employees regarding the maintenance and improvement of ISMS, and we monitor the effect of such education.
- The scope of this policy concerns the Environmental Energy Division.