1. Fundamental policy
Koyama Co., Ltd. should take the safety policy to information property and service we provide, maintaining its confidentiality, completeness and possibility in order to enhance competitiveness and develop the business continuously by obtaining the customer’s trust. This information security is our fundamental policy of the safety practice to information property, and all that may concern should participate in activities that protect information property.
2. Background of activity
Our business substrate is activities as a trading company that mainly makes use of electronic equipment such as personal computers, and we execute the exchange of information with the customers via Internet. It is necessary for us to observe the policy that protects important information of customers, business and individual as service and property to achieve the improvement of the activity continuously. All the employees should fulfil their responsibility to the society.
Applied to the information security activities related to ones of all employees (including director, part-time job and no-regular employee) engaged in the headquarters and each office and all businesses we do (stocking, sales and delivery of tack, machine, tool and antistatic goods as well as technological proposal and office business management in design and development).
4. Policy and approach method
Our president promotes the activities as a person responsible and designates the person in charge of information management as a general manager in quality control department. The person in charge of information management manages the committee in which heads in section participate, promoting the review by prevention and control activity of security problem, application of technical correspondence, establishment of a way of risk evaluation watch of security, evaluation and management review in order to maintain information security fundamental policy. Required resources are based on the result of risk management.
5. Watch of security
Heads in section, information promotion committee and person in charge should watch the condition of security countermeasures in each section in order to correspond to the planned internal inspection.
6. Education and training
It is necessary for all that may concern to attend the planned information security education in order to surely recognize and execute law that should be observed, our information security fundamental policy and business continuance plan.
7. Observance obligation and penalty
The manager and all employees are to observe the rule related to law regarding information security, regulations, contract matters and in-house information management. If violating it, treatment based on in-house information management regulations and work rules should be taken.
Dec, 24, 2004
Examination registration organization
JSA (foundation)Japanese Standards Association