Security Policy
情報セキュリティ基本方針

Information Security Initiatives

N&I Systems Co., Ltd. (hereinafter referred to as “the Company”) is committed to providing “services that customers can entrust to us with confidence,” and all of our employees strive daily to achieve this goal.
Quality is of the utmost importance when providing services to our customers. We believe that the maintenance and management of information assets are key to ensuring this quality. This is the purpose behind our acquisition of BS7799 and ISMS certifications.

Moving forward, we are committed to improving quality. In addition to ensuring compliance, we will continue to strengthen our internal systems to thoroughly maintain and manage our information assets, thereby providing services that offer our customers peace of mind and satisfaction.

Information Security Policy

Information security management is one of our company’s fundamental corporate policies and a critical factor in supporting our sound management and growth.

All officers and employees are responsible for the information security management of our customers’ and our own various types of information. To ensure this is implemented at the highest level, it is essential that each and every officer and employee maintains a high level of awareness regarding information security management and works to continuously improve it.

All officers and employees must correctly recognize the importance of information security management and comply with the series of regulations based on the Basic Information Security Policy.

1. Purpose

  1. Information is a vital asset to our company. Ensuring the proper management of all information is both a key management priority and a social responsibility for our company. This Basic Information Security Policy sets forth the fundamental principles governing the management and protection of all information held by our company.
  2. The Basic Information Security Policy clarifies the fundamental principles for implementing measures to prevent the loss, leakage, and unauthorized use of information, and establishes information management practices aimed at protecting confidentiality and integrity while improving availability.
    1. Confidentiality: Access to and use of our company’s and our customers’ information must be appropriately controlled.
    2. Integrity: Stored information must be protected from unauthorized modification during its retention period to ensure its accuracy and reliability.
    3. Availability: Information must be available in a timely manner when needed.

2. Scope of Application

  1. The Basic Information Security Policy applies to all information assets held by the Company.
  2. The Basic Information Security Policy applies to all officers and employees of the Company.
  3. All parties handling our information—including external contractors and partner companies—must commit to complying with our Basic Information Security Policy.

3. Information Security Manual

The Information Security Manual sets forth the provisions for applying the Basic Information Security Policy in practice.
The Information Security Manual is a set of company regulations (rules) established in accordance with the requirements for implementing an ISMS (Information Security Management System) as specified in ISO standards.

4. Information Security Management System

  1. The President shall serve as the chief executive responsible for the Company’s information security management. The President shall establish an information security management system, ensure that all officers and employees are fully informed of the Company’s Basic Information Security Policy, and take measures to enhance awareness of information management.
  2. The President shall establish an Information Security Steering Committee to deliberate on information security standards and requirements, and to implement and evaluate related measures.
  3. Based on the decision of the Information Security Steering Committee, the President shall appoint an Information Security Manager to ensure the smooth implementation of the ISMS.
  4. The Information Security Manager shall take appropriate measures to ensure that the Company maintains an appropriate level of information management.
  5. Managers in each department shall, in accordance with the implementation guidelines of the Information Security Steering Committee, conduct risk assessments of their department’s information assets, formulate control measures, implement and evaluate risk management, and strive for the continuous improvement of the ISMS.
  6. All of our officers and employees fully understand the importance of information security management and take proactive steps to maintain and improve our information security standards.

5. Information Management

  1. Our company implements information security management in accordance with the Information Security Manual.
  2. Any conduct that violates the Information Security Manual will result in disciplinary action in accordance with the Employment Rules.
Effective Date: October 28, 2004
Revised: April 1, 2018

N&I Systems Co., Ltd.
Tsutomu Kawase, President and CEO