Information Security

Basic Approach and Policies for Information Security

As a company that handles confidential customer information for consulting business purposes, the Nippon Koei Group recognizes the importance of information security. Our Code of Conduct thoroughly covers the protection and management of customer, personal and any other information obtained in its business activities to prevent unauthorized use or leakage. We have also drafted drafted Basic Policy on Information Security Basic Information Security Objectives. By thoroughly protecting and managing information and preventing unauthorized use and leakage, we are working on information security governance from both value creation and risk management perspectives.

We have been audited by a third-party organization and have obtained the ISO 27001 certification, an international standard for information security management systems (ISMS), as necessary for some departments. In order to keep up with the ever-changing business activities and rapid technological progress of the information society, we review our Basic Policy on Information Security for ISMS and all of our initiatives when appropriate to continuously improve our information security measures. We will strive to ensure a stable management base by continuously working on and improving our information security measures.

Basic Policy on Information Security

Protection of Personal Information

Nippon Koei defines confidential information as personal data, confidential customer information, trade secrets and confidential business information in its information management regulations to ensure proper management and prevent leakage.

We have established the following privacy policy to take all possible measures to protect personal information and to earn the trust of society, clients, suppliers and employees.

Nippon Koei Privacy Policy

Information Security Education

Nippon Koei works to enhance information management skills through various means, such as conducting E-Learning about anti-virus measures, raising awareness about the latest types of attacks, and hosting internal seminars on anti-virus measures.

  1. Home
  2. ESG
  3. Governance
  4. Information Security