Security Policy

Security Policy

1. Purpose

The main business of the Group is Business Process Outsourcing (BPO) and the safety of information assets and business continuity are top priorities for management. We consider the safety and security of our Clients and business partners our social responsibility, and we protect their information from various threats. This document was established with the purpose of achieving the appropriate management and security of our operations.

2. Information Security Organization

2.1 Information Security Committee

The Information Security Committee comprises the Representative Director, Chairman of the Information Security Committee and representatives of relevant departments, who meet to discuss and make decisions on information security issues.

2.2 The Information Security

The Information Security Manager and his or her division are responsible for information security.

2.3 Internal Audit

An internal audit will be completed to ensure information security is effective.

3. Information Security Policy

3.1 Need-to-Know Principle

The Information Security Division is responsible for granting access to information. Employees are only given permission to access the information they need to complete their work.

3.2 Information Asset Management

The Director of Information Security will manage information assets and security-related information in accordance with regulations imposed by the agreement and the Group.

3.3 Selection of Measures and Classification of Information Assets

The Director of Information Security will manage information assets properly, classified according to their importance.

3.4 Monitoring

The Director of Information Security will ensure that information assets are properly managed and monitored on an ongoing basis.

3.5 Security Incident Response

Any incident involving information security occurs will be handled appropriately, and corrective action will be taken to prevent any reoccurrence.

3.6 Business Continuity Management

There must be plans in place to ensure minimum interruption to business in the event of a disaster.

3.7 Education

Employees and suppliers take part in regular information security education, according to their position.

3.8 Compliance with Rules and Regulations

Employees and suppliers of the Group are required to comply with rules and regulations on information security.

3.9 Conformance to legal and contractual requirements

Company employees and employees of subsidiaries or partners are required to comply with the information security requirements of an agreement.

Prestige International Inc.
CEO, Shinichi Tamagami