The Leader in SAP R/3 consulting and web consulting


Home>Basic Policy on Information Security

Basic Policy on Information Security

  1. Purpose
    As an information distribution company trusted by customers, we aim to secure customers’ trust and minimize their business loss by preventing incidents related to their information security.
  2. The definition of information security
    Information security refers to securing and maintaining confidentiality, completeness and availability. (1) Confidentiality: the characteristic to make information unavailable or undisclosed for entities (organizations, etc.) or processes. (To protect information from leakage or unlawful access.) (2) Completeness: the characteristic to protect the correctness and completeness of the information assets. (To protect information from alteration or mistake.) (3) Availability: the characteristic to make information accessible and available when an authorized entity (organization, etc.) require it. (To protect information from loss, breakage and stoppage of the system.)
  3. Scope
    <Organization>:INFREE CORPORATION
    <Institution>:Head office
    <Business>:Software development, staffing service, web marketing
    <Property>:Documents and data related to the above-mentioned
           businesses and services
    <Network>:The whole company’s network
  4. Items to be implemented
    (1) Establish, implement, operate, supervise, review, maintain and improve the information security management system to protect all the information assets in the scope from the threads (leakage, unlawful access, alteration, loss and breakage). (2) Abide by the related laws and contractual requirements while handling information assets. (3) Formulate the preventative and recovery procedures and periodically reexamine them so that business operation may not be interrupted from a major failure or a disaster. (4) Carry out periodical education and training on information security to all the employees.
  5. Responsibility, duty and penalty
    (1) The president takes the responsibility of information security. Therefore, the president shall provide required resources to the staffs in charge of the applicable scope. (2) The staffs of the applicable scope are obliged to protect customers’ information. (3) The staffs of the applicable scope shall follow the procedures formulated to maintain this policy. (4) The staffs of the applicable scope are responsible for reporting the accidents and the point of weakness over information security. (5) In case a staff of the applicable scope performs the act that threatens the protection of not only clients’ information but also other information assets handled, the employee shall be punished according to the employee work regulations.
  6. Periodical reexamination
    Reexamination of the information security management system shall be carried out periodically in order for it to be in line with the change of environment.

Date: Feb 1, 2013
Kazuyuki Waki

HomeContact UsSitemap
Personal Information Protection PolicyHandling of Personal Information
Basic Policy on Information Security

INFREE CORPORATION, forerunner of system consulting, website design and business blog

Copyright(c) 2013 infree Corp. All Rights Reserved.