INFORMATION SECURITY POLICY
- Basic Principle
With the commitment of all employees in creating what they can proudly present to the world (namely our organization with its products, and services), oRo's goal is to continue to deliver more happiness and joy to more people (coworkers, families, business partners, shareholders and society), and lead all our employees to self-fulfillment through our efforts to achieve this goal.
We recognize that it is critical to ensure information security in order to offer products and services in today's highly advanced information society and that ensuring information security is one of our corporate responsibilities to our business partners, shareholders and society. We will make efforts to create and manage an information security management system so that we can earn the trust of our business partners, shareholders and society.
- Basic Policy
- Information Security Objective
- We will formulate an Information Security Objective as a goal to raise awareness among our officers and employees about this policy and information security, while realizing the continuous improvement thereof.
- Identification of Information and Measures to be Taken
- We will identify important information relating to our business activities. The Security Management Committee and each chief administrator will implement the best available measures to make sure that such information will be protected.
- Obligations of Officers and Employees
- Our officers and employees will act in accordance with this policy.
- Compliance with Laws and Regulations
- In protecting the important information relating to our business activities, we will comply with legal and regulatory requirements and our contractual obligations.
- Continuous Improvements
- We will establish a management system in order to continously improve and enforce our information security as well as to respond to new threats.
- Definition of Information Security
- Information security is defined as maintaining the confidentiality, integrity and availability of information.
- Appointment and Duties of Administrators
- We will organize the Security Management Committee as a system to promote ISMS, whose core members are served by the ISMS Head and administrators.
- We will periodically verify our adherence to our ISMS.
- Information Security Education
- We will promote education and training activities regarding information security.
- Review of Basic Policy
- We will review this policy as necessary if the management environment is affected by any change made to our business activities or legal or regulatory requirements.
October 10, 2018
CEO, oRo Co., Ltd.
In case of any inconsistency between the Japanese version and the English version in our website, the Japanese version prevails.