The Ushio Group’s Information Security Policy (Basic Policy)
In order to ensure the safety and proper management and use of information assets and information systems, the Ushio Group establishes "The Ushio Group’s Information Security Policy (Basic Policy)" and sustains and improves information security.
1. Management of information assets
The Ushio Group recognizes that the Ushio Groups’ information assets are equal to vital business assets for maintaining and improving corporate competitiveness and implements safe and appropriate use and management of information assets for continuous fiduciary relationship with all stakeholders, including customers and business partners.
2. Protection of information assets
The Ushio Group takes appropriate measures to protect information assets to ensure information security against leaks, tampering and loss of information, external intrusion to information systems, and trespass on security areas.
3. Handling of information assets
A basic principle is to grant access authority only to those persons for the purpose of their assigned duties, and in particular, strict control must be implemented for important information and personal information disclosed by customers and such.
4. Ensuring Information Security
To ensure information security, executives and employees belonging to the Ushio Group need to work together and the Ushio Group regularly conducts education on information security for every executive and employee.
5. Strengthening Information Security
The Ushio Group strengthens information security by establishing promotion structure and system to maintain and improve the safety and proper use and management of information assets and by continuously reviewing hardware and software aspects.
6. Compliance with protection systems
The Ushio Group takes information protection systems of each country into consideration and establishes regulations and promotion structure for information security and enforces the promotion of various measures.
7. Compliance with Laws and Regulations
The Ushio Group complies with the laws, contractual obligations, and other norms of each country regarding information security.
8. Programs for Business Partners
The Ushio Group also requests their customers and business partners, who have information regarding the business of the Ushio Group, to follow their programs to ensure necessary information security.
9. Dealing with Incidents
In case of occurrence of an information security incident involving information assets, the Ushio Group identifies the cause in a timely manner, clarifies the extent of such impact, and take necessary measures to minimize damage, as well as prevent recurrence.