| Basic Policy for Information Security |
|
| Enomoto hereby defines this Basic Policy for Information Security with the aim of recognizing the importance of information assets as a member of information-oriented society, and achieving the handling / protection of information assets under a unified decision-making system. |
|
| 1. |
In order to implement information security management, a member of the Management Meeting shall be assigned as Information Security Promotion Officer under the command of the President. The Management Meeting shall define the overall direction and code of conduct concerning information security, and notify / coordinate the matter with relevant departments. |
| 2. |
We recognize the importance of securing the confidentiality, integrity and availability of all the information assets the company holds, and shall make efforts to continuously conduct risk assessment and protect information assets appropriately under an information security system. |
| 3. |
All directors and employees shall abide by internal regulations stipulated in accordance with laws and regulations, de-facto requirements and other individual rules concerning information security measures. |
| 4. |
We shall provide all directors and employees with necessary education and training concerning information security so as to make them recognize the importance of information security activities, improve their awareness on the matter and circulate information on miscellaneous related provisions. |
| 5. |
We shall regularly conduct internal audit on information security to implement appropriate corrective action as required, and minimize business interruptions attributable to accidental emergencies, faults, negligence and intentional abuse of information assets, thereby ensuring the continuation of business operations. |
| 6. |
If a director or employee breaches internal rules on information security intentionally or by serious negligence, or engages in an act of non-compliance with laws or regulations concerning information security, the person shall be subject to a disciplinary action. |
