DevSamurai understands that Security Policies are important and establish one internally to address pertinent issues, such as what constitutes acceptable behavior by employees. These procedures define a sequence of steps to be followed in a consistent manner, such as how we will respond to any policy violations
- Establishment of Information Security Management Organization
We establishes Information Security Committee to construct a system that can promptly implement information security measures. We also appoint the chairman of Information Security Committee as “Information Security Management Officer” to execute appropriate management activities.
- Establishment of Internal Regulations
We establishes internal regulations on information security, and communicate the specific policies and rules across us to protect and manage the information assets appropriately.
- Execution of Audit
We conducts audit as necessary on the status of compliance with laws, internal regulations, rules, etc., on information security, to verify status of their effective performance.
- Implementation of Information Security Measures
We implements security measures from the perspective of organizational, physical, technical and human safety management, and strives to prevent accidents related to information assets, such as unauthorized access, destruction, information leakage, tampering, etc.
- Risk Assessment
We conducts risk assessments, takes appropriate risk measures for information assets that based on the characteristics of the business.
- Provision of Information Security Education
We continuously provides education and training to all employees to implement appropriate management of information assets.
- Business Continuity Management
We ensures business continuity and minimizes business interruption due to disasters and failures.
- Management of Subcontractors
We regularly evaluates and reviews aforementioned efforts to implement continuous improvement to the information security management.
- Establishment of Personal Information Protection Management System and Continuous Improvement Thereof
We develops regulations and systems for handling personal information, establishes and implements personal information protection management system, and continuously applies improvements on them.