Information Security Initiatives

We use numerous information assets in our business activities. Handling these information assets appropriately is essential to winning the trust and satisfaction of customers. Accordingly, we commit ourselves to 1. developing effective structures for managing information security, 2. complying with laws, regulations, and our own standards, and 3. gaining the trust of customers and society as a whole. To guide us in these efforts, we have set forth the following basic philosophy and basic policies concerning information security.

Basic Information Security Philosophy

In the interests of customer trust and satisfaction, we will work to maintain or improve the confidentiality, integrity, and availability of all our information assets.

Basic Information Security Policies

1. Scope

These basic policies concern the way we protect the information assets that we use in our day to day operations.

2. Information security management

We will develop structures for managing information security. These structures will enable a unified and consistent approach.

3. Managing information security risks

We will assess information security risks regularly and in a manner befitting the scale and nature of our business activities. Based on these assessments, we will take all necessary and reasonable steps to manage the risks.

4. Checking and improving

We will regularly monitor our organization’s information security practices to check whether our policies are working effectively. In this way, we will continually refine the way we manage information security.

5. Compliance

We will comply with all information security-related stipulations in:
-Laws
-National guidelines and standards
-Internal rules and industry guidelines
-Business contracts

6. Education and training

We will continually educate our staff about the information security policies and relevant protocols, and ensure that they understand how important these matters are. In this way, we will ensure that our staff handle information assets properly.

7. Responding to information security incidents

While doing all we can to prevent information security incidents from happening in the first place, we will also prepare for the worst-case scenario. If trouble arises, we will immediately take corrective measures, minimize any damage, and work to prevent a recurrence.

8. Punishing breaches

If we discover any breach of these policies or of any other internal rules concerning information security, we will punish the offender according to our employment rules or the relevant contract.

JIS Q 27001:2014(ISO/IEC 27001:2013)Certification Status

Facility
(applicable division)
Description of Business Certification Acquired
TAIYO INK MFG., CO., LTD. Technical Development Department IC Packaging Materials Department PCB Business Development Department PCB Materials Sales Department Information System Department Development and marketing Jun. 2018