information security

• Basic approach
• Promotion system
• attempt

Basic approach

The importance of information security measures is increasing year by year, and measures and policies are established to prevent diversifying risks such as virus infections, unauthorized access to systems, leaks of personal information, and cyber attacks, as well as to prevent incidents from occurring. It is important to minimize the impact at times. Our group establishes rules and response procedures such as "Information Protection Management Regulations" and "Information System Management Regulations," and implements technical and physical defense measures using IT to maintain and improve appropriate information management and information security. We are working on this.

Promotion system

Initiatives related to information security and responses to risks are promoted primarily by the Group Information Systems Department of artience Co., Ltd., in collaboration with General Affairs Department, Legal Department, and Corporate Communication Department. Additionally, we have established an "Information Security Office Desk" as a point of contact for employees to receive consultations and reports. In the event of an incident, in order to minimize its impact, we have established an organization called `` artience-CSIRT'' whose secretariat is the Group Information Systems Department, in accordance with the ``Information System Disaster Countermeasure Guidelines'' and `` artience-CSIRT ^* Establishment Guidelines.'' , report and respond to Risk Management Committee, Sustainability Committee, and management.

• artience Abbreviation for Cyber Security Incident Response Team

attempt

Information security activity policy for 2022

Develop and build a cyber risk response system based on remote work and data utilization and sharing, and continue and strengthen information security preventive measures.

• Building a BCP system for cyber incidents
• Promoting IT literacy education to balance data utilization and information security
• Establishing global rules and strengthening information security awareness at overseas companies

Accidents related to information security

In fiscal 2022, there were no major incidents related to information security, such as leaks of personal information.

2022年度の主な活動

• Establishment of mechanisms and systems
• Education and enlightenment for employees

Protection of personal information

Recognizing the importance of protecting personal information, we comply with laws and regulations regarding the handling of personal information, and take steps to appropriately handle and protect personal information. We have established a "Privacy Policy" and established "Personal Information Management Regulations." In addition, we have appointed a personal information manager in each department to appropriately manage information using a personal information ledger and strive to live up to the trust of our customers. We are also working on initiatives that take into account the laws and regulations of each country, including compliance with the GDPR (EU General Data Protection Regulation), which came into effect in the EU in May 2018.

Privacy Policy

Cyber security measures

In accordance with our basic risk management policy of "stabilizing profits" and "building social trust," our group needs to strengthen our organization's ability to respond to unforeseen circumstances related to cyber incidents. For this reason, we have established a system BCP system, ` artience-CSIRT,'' with the aim of minimizing damage and maintaining business continuity in the event of an incident. In addition, in addition to rules and response procedures such as "Risk Management Implementation Rules," "Emergency Response Rules," and "Information System Disaster Countermeasure Guidelines" tailored to response and recovery in the event of an incident, we also provide "artience- CSIRT Installation Guidelines" and "Cyber Incident Response We have prepared a manual and are working to raise awareness within the company.

Security incident response system (FY2023)