CAVE CO., LTD. (hereafter referred to as “Company”) would like to further enhance its reputation as a socially responsible corporation by taking thorough and sophisticated measures to reduce the risk of information leakage. Therefore, the Company has articulated such a philosophy in this “Information Security Policy” to make information security an essential and absolute part of its corporate culture.
1. Establishment of Information Security Management System
To retain the confidence of society, the Company has established a highly secure information security management system, based on which Company will protects all information assets it holds and comply with laws, regulations and rules concerning information security.
2. Establishment of Internal Regulations for Information Security
The Company has established internal regulations based on this Information Security Policy and set out clear policies for the treatment of all information assets, not only personal information, and makes it clearly known inside and outside the Company that leakage of information and the like will be severely punished.
3. Establishment of Information Security System with Sophisticated Measures
The Company has established a system based on sophisticated information security measures to prevent unauthorized access to, leakage, alteration, loss or destruction of, or obstruction of use of, information assets. In particular, the Company strictly controls access to all kinds of data by restricting work in high-security areas, the right to access databases, and the like.
4. Improvement of Information Security Literacy
The Company provides all of its regular and persons concerned with education and training on information security so that all personnel concerned with information assets can perform their business activities with sufficient information security literacy. the Company continues to educate and train all its regular and temporary employees so that they can respond to changing conditions.
5. Development/enhancement of audit structure
Further develop the structure which enables the Company to carry out internal audits of compliance with Information Security Policy, the Company rules and other relevant rules. In addition, the Company makes every possible effort to continue external audits to obtain more objective evaluation. the Company will prove that all of its employees comply with Information Security Policy.