Information Security

Strengthening information security

Information security promotion system

In order to maintain a high level of information security, JATCO has enacted an Information Security Policy to ensure that all of our employees can tackle their work with an awareness of information security.
The Information Security Policy comprehensively presents the basic policies of JATCO concerning information security, and has been established for the objective of maintaining the confidentiality, completeness, and availability of information, as follows:

1）Confidentiality: only people who have been given access permission can access the information
2）Completeness: maintaining the accuracy of the information and maintaining the accuracy and transparency of processing methods
3）Availability: ensuring that the users with permission can use the information when necessary

＊1 CSO: Chief Security Officer ＊2 CIO: Chief Information Officer

JATCO has established the Information Security Committee and has built a promotion system to ensure that information leakages, releases of erroneous information, and situations in which the information can no longer be used are not caused as a result of these features being damaged. Through the committee, we share problems common to and solutions applicable across the Group companies, and check on the implementation of these solutions in each Group company and division.

Commitment to information management, and promotion of training activities and activities to raise awareness

In recent years, as the importance of the data held by companies and organizations has grown rapidly, threats such as information leakages, hacking, malware attacks, etc. have also increased, so robust information security has become an essential element for the growth of a company.
JATCO is putting effort into further strengthening our information infrastructure.
To prepare for cyber attacks, we are implementing various technical measures to prevent external attacks, while establishing the Cyber Attack Countermeasures Headquarters, putting in place systems and manuals to enable prompt responses, and carrying out training once a year based on the scenario of an actual emergency to prevent information from leaking out in the event of a security breach.
Information security is dependent on there being a proper awareness of information management by those who must handle the information—each and every one of our employees. Hence, we work to reduce the risk of information leakages with respect to new threats through targeted email training, etc. and continuously strive to raise awareness about information security management, including thorough management of information assets using information asset management ledgers, regular provision of information security education to all employees in the JATCO Group, etc.

Information security activities in each division and Group company

In order to ensure the appropriate management of information security, it is vital to have each division and Group company correctly grasp the current state of and risks pertaining to information security, then formulate and implement countermeasures, and review the results, so JATCO takes measures which properly continue the PDCA cycle. For example, every year it implements assessments compliant with an information security management system (ISMS) based on international standard ISO 27001.
Details on the information security activities undertaken by each division and Group company and incident cases which have occurred are shared with the Information Security Committee, which meets three times a year. By encouraging the divisions and Group companies to incorporate each other’s best practices, we are striving to further enhance the standardization of information security activities across the entire Group, including the overseas locations, introduction of shared facilities, promotion of education, etc.