Information Security Basic Policy

 

We CHINO CORPORATION (hereinafter referred to as “CHINO”) have established “Information Security Policy” (hereinafter referred to as “This Policy”) as the basic policy of our approach to regarding information security so that we can always gain the trust of our customers and business partners as well as society. We will comply with “This Policy” and the separate “About the handling of Personal Information” (hereinafter referred to as “Privacy Policy“).


I. Applicable target and scope

The “information assets” covered by “This Policy” shall be the information obtained, information acquired through our corporate activities and all the information we hold in our business.
Our “all officers and employees” who are involved in the handling and management of this “information asset” and “outsourcing contractors and their employees” who handle our “information assets” will comply with “This Policy” and “Privacy Policy”.


II. Management system

CHINO will protect and properly manage the “information assets” in the information security management department.
In addition, by assigning an information management manager to each organization, we will promptly implement information security measures.
Through these measures, we will accurately grasp the status of information security throughout the company and take proactive activities so that necessary measures can be taken promptly.


III. Legal compliance and internal rules

CHINO will establish rules based on relevant laws and “This Policy” and “Privacy Policy”, and will thoroughly comply with them internally. In addition to applying penalties for violations, we will prevent accidents by notifying them in advance.


IV. Implementation of measures

In order to prevent accidents such as unauthorized intrusion, leakage, alteration, loss, destruction, and obstruction of use of “information assets”, CHINO will take appropriate organizational, physical, technical, and human safety management measures.
We also aim to improve corporate credibility by implementing business continuity measures and disaster recovery measures to support information security from the ground up.

V. About education

CHINO will continuously provide information security education and training to all officers, employees and related parties in order to improve information security literacy and properly manage “information assets”.


VI. Management of outsourcing contractors

When CHINO outsource all or part of our business, we will thoroughly examine the eligibility as an outsourcing contractors and record in writing that we will maintain the same level of security as our company. In addition, in order to confirm that these security levels are properly maintained, we will carry out regular audits and reviews of outsourcing contractors.


VII. Audit and continuous improvement

CHINO will carry out information security internal audits on a regular basis and irregularly as necessary in order to verify that information security-related laws and regulations, internal rules, operational procedures, etc. are compiled and functioning effectively.
By regularly evaluating and reviewing the above efforts, we will maintain and continuously improve the information security.




Issued on 1st October, 2019
CHINO CORPORATION