HomeSustainabilityCorporate GovernanceInformation Security

Information Security

System to Promote Information Security

To ensure and maintain the security of information assets we have established the Basic Information Security Policy and the Information Security Management Regulations. Under the management system in accordance with these regulations, we are actively working to maintain information security.

Our president has ultimate responsibility for information security. The president appoints the officer in charge of information security (officer in charge of the Corporate Planning Department), who presides over and runs the Information Security Committee in order to advance systematic, organized activities to promote information security.

Information Security Structure
Information Security Structure

Basic Information Security Policy (Summary)
  • All information created in the course of work are ascribed to information assets.
  • Take appropriate security measures to protect information assets under management and control from threats.
  • Stipulate a manager, management method, handling standards, and other precautions according to the level of importance for all information assets handled, and safeguard security.
  • Always comply with laws related to information security and other social norms, and manage personal information in accordance with our Privacy Policy.
  • Continuously provide education and awareness building regarding information security to all officers and employees, and strive to keep everyone familiarized with information security.
  • Should a security problem occur with regards to information assets, promptly ascertain the cause and strive to minimize any damage.
  • Regularly audit the status of information security, and strive to continuously improve and enhance measures to ensure information security.

Privacy Policy (Summary)
  • When obtaining, using, providing, entrusting, or otherwise handling personal information, do so appropriately under strict management and strive to protect the information. Also, do not handle personal information beyond the scope needed to achieve the purpose of use.
  • Comply with laws and other norms.
  • Take appropriate measures to prevent and/or correct unauthorized access as well as the loss, destruction, alteration, or leakage, etc., of personal information.
  • Respond appropriately and promptly to complaints and inquiries regarding the handling of personal information.
  • Establish a management system for the protection of personal information, and strive to maintain appropriate management.

Activities to Promote Information Security

In FY2021 we used a portal site on our intranet to remind and educate all employees about information security, and also hired outside experts to carry out a dark web analysis. A number of risks were identified and, after checking the details, we have taken appropriate measures. We also held a gathering for the information departments of group companies at which we promoted information security measures. In addition, we conducted disaster recovery drills based on hypothetical emergencies, and carried out a security level survey of group companies and information security training designed to enhance our security system. No serious incidents related to information security have occurred.

We will continue our efforts to improve the security levels of our domestic and overseas group companies.

Copyright© TAIHEIYO CEMENT CORPORATION All Rights Reserved.
back to top