Information security basic policy

Security policy

Beyond Co., Ltd. (hereinafter referred to as the "Company") sets out the general direction and action guidelines regarding information security in public information as the Basic Information Security Policy.

basic principle

■ Recognizing our existence as a public institution, we will serve society and our customers in order to develop the IT society.

We recognize the importance of customer information and confidential information handled in our business activities, ensure proper management and protection, comply with laws and regulations, and act with high ethical standards.

Basic policy

Based on this philosophy, our company defines information security as "maintaining the confidentiality, integrity, and availability of information assets," and appropriately protects information assets from threats such as loss, theft, unauthorized access, and computer viruses. Masu.

We strive to strengthen physical and technical security and raise employee awareness, and strive to establish, maintain, and improve an information security management system whose main purpose is to prevent security incidents and accidents related to customer information.

  1. The scope of application covers all information assets related to our business activities, and we will protect and maintain highly confidential information assets, such as information about our customers, with the utmost importance.
  2. We manage and maintain information that we entrust outside the company to ensure that it is handled appropriately in the same way as inside the company.
  3. Establish standards and risk assessment procedures for information security threats/vulnerabilities to information assets, and systematically implement appropriate control measures according to the information assets handled to accept risks. reduce to the level.
  4. In order to smoothly promote information security, the ISMS Committee will clarify the roles and responsibilities for promoting and operating information security.
  5. We provide the necessary training to all employees and ensure thorough compliance with the rules stipulated by laws and regulations, contractual requirements, and security regulations.
  6. We appoint internal auditors to regularly conduct information security audits and verify the suitability and effectiveness of the information security management system and compliance with established rules.
  7. Information security policies and management measures will be reviewed periodically or as necessary, taking into account changes in business content and social conditions, in order to continuously improve information security.
  8. If there is a violation of information security requirements, we will take action based on our work regulations.

ISMS (ISO/IEC 27001:2013) certification

Based on ISMS (Information Security Management System) certification and in accordance with our basic information security policy, we will manage all information assets (organizational/human resources/operational/technical/legal) owned by our company in our business activities. We will continue to implement comprehensive information security initiatives.

● ISMS (ISO/IEC 27001:2013) certification:

First edition: 2011.9.1 Established

Beyond Co., Ltd.
Representative Director Masahiro Haraoka