Information security basic policy

Security policy

Beyond Inc. (hereinafter referred to as "the Company") has established its basic information security policy, which defines the Company's general direction and guidelines for action regarding information security, as publicly disclosed matters

Basic philosophy

■ We recognize our existence as a public institution and will serve society and our customers for the development of the IT society

We recognize the importance of customer-related and confidential information that we handle in our business activities, and we will thoroughly manage and protect it appropriately, comply with laws and regulations, and act with high ethical standards

Basic Policy

Based on this philosophy, we define information security as "maintaining the confidentiality, integrity, and availability of information assets," and will appropriately protect information assets from threats such as loss, theft, unauthorized access, computer viruses, etc. We will strive to

strengthen physical and technical security and raise employee awareness, and will strive to establish, maintain, and improve an information security management system whose primary purpose is to prevent security incidents and accidents related to customer information.

  1. The scope of application covers all information assets related to our business activities, and we prioritize the protection and maintenance of highly confidential information assets, such as information about our customers
  2. We will manage and maintain the information we entrust to external parties so that it is handled appropriately in the same way as it is handled internally
  3. We will establish standards and procedures for evaluating risks to information security threats and vulnerabilities to information assets, and will systematically implement appropriate management measures according to the information assets we handle to reduce risks to an acceptable level
  4. In order to ensure smooth promotion of information security, the ISMS Committee will clarify the roles and responsibilities for promoting and managing information security
  5. We provide all employees with the necessary training and ensure that they comply with the rules set out in the legal and contractual requirements, as well as security regulations
  6. We will assign internal auditors to regularly conduct information security audits and verify the suitability and effectiveness of the information security management system and compliance with established rules
  7. We will review our information security policies and management measures periodically or as needed, taking into consideration changes in business operations and social conditions, and strive to continuously improve information security
  8. Any violation of information security matters will be dealt with in accordance with the company regulations

ISMS (ISO/IEC 27001:2013) certification

Based on our ISMS (Information Security Management System) certification, we will continuously implement comprehensive information security initiatives for all information assets (organizational/human resources/operational/technical/legal) owned in our business activities in accordance with our information security basic policy.

● ISMS (ISO/IEC 27001:2013) certification: https://beyondjapan.com/isms-certification

First edition: Established September 1, 2011


Masahiro Haraoka, CEO
of Beyond Co., Ltd.