Basic Policies for Information SecurityDigiOn, Inc.
Chief Executive Officer: Hisatoshi Taura
DigiOn, Inc. (the “Company”) has established these Basic Policies for Information Security for the purpose of recognizing the importance of maintaining the privacy of confidential information and Personal Information entrusted by customers as well as important information of the Company. The Company aims to contribute to society through software development, gaining the trust of, and developing together with, customers and society. DigiOn will adhere to these Basic Policies for Information Security to build more advanced information security management systems.
DigiOn will set up an Information Security Committee to manage information security across the Company including development, implementation, and review of the information security policies, based on which we will take measures for the risks associated with information security.
The applicable scope of these Basic Policies for Information Security shall include the human, physical, and environmental resources related to the Company's information assets. For the area of human resources, these Basic Policies for Information Security apply to anyone with access to the confidential information under the control of the Company and the information assets of the Company, including employees and officers of the Company and companies recognized in contracts with the Company.
The information security policies established by the Company will set forth the security standard or measures for protecting the confidential information under the control of the Company and the information assets of the Company from deliberate or accidental alteration, destruction, leakage and other acts.
Implementation of Measures
The information security policies established by the Company will set forth the procedures for implementing the security standard. The Company will implement a risk assessment and put appropriate security measures in place, while recognizing the importance of confidentiality, integrity and availability of information.
Compliance with Laws and Regulations
Our employees and officers will ensure thorough compliance with related laws and regulations. We will also educate our employees on a regular basis to observe the rules and regulations established by the Company.
The Company will implement internal audits and other monitoring measures to verify and evaluate compliance and effectiveness of the rules and regulations established by the Company. Any activities in violation of the rules and regulations will be dealt with severely to ensure proper information management.
We will strive to continuously review and improve handling of the above practices in line with the legal system and the social situation, and also according to the audit results.