Information Security Basic Policy

Security policy

Beyond Inc. (hereinafter referred to as "the Company") has established its basic information security policy, which defines the Company's general direction and guidelines for action regarding information security, as publicly disclosed matters

Basic philosophy

■ We recognize our existence as a public institution and will serve society and our customers for the development of the IT society

We recognize the importance of customer-related and confidential information that we handle in our business activities, and we will thoroughly manage and protect it appropriately, comply with laws and regulations, and act with high ethical standards

Basic Policy

Based on this philosophy, our company defines information security as "maintaining the confidentiality, integrity, and availability of information assets," and appropriately protects information assets from threats such as loss, theft, unauthorized access, and computer viruses. We

strive to establish, maintain, and improve an information security management system whose primary objective is to prevent security incidents and accidents related to customer information, by strengthening physical and technical security and raising employee awareness.

  1. The scope of application covers all information assets related to our business activities, and we prioritize the protection and maintenance of highly confidential information assets, such as information about our customers
  2. We will manage and maintain the information we entrust to external parties so that it is handled appropriately in the same way as it is handled internally
  3. We will establish standards and procedures for evaluating risks to information security threats and vulnerabilities to information assets, and will systematically implement appropriate management measures according to the information assets we handle to reduce risks to an acceptable level
  4. In order to ensure smooth promotion of information security, the ISMS Committee will clarify the roles and responsibilities for promoting and managing information security
  5. We provide all employees with the necessary training and ensure that they comply with the rules set out in the legal and contractual requirements, as well as security regulations
  6. We will assign internal auditors to regularly conduct information security audits and verify the suitability and effectiveness of the information security management system and compliance with established rules
  7. We will review our information security policies and management measures periodically or as needed, taking into consideration changes in business operations and social conditions, and strive to continuously improve information security
  8. Any violation of information security matters will be dealt with in accordance with the company regulations

ISMS (ISO/IEC 27001:2022) certification

Based on our ISMS (Information Security Management System) certification and in accordance with our Information Security Basic Policy, we continuously implement comprehensive information security measures for all information assets (organizational, human resources, operational, technical, and legal) owned in our business activities.

● ISMS (ISO/IEC 27001:2022) Certification:https://beyondjapan.com/isms-certification

First Edition: September 1, 2011 Established by

Beyond Co., Ltd.
Masahiro Haraoka, Representative Director,