Implementation and Promotion of Information Protection
SUNCORPORATION establishes, implements, and promotes its information security fundamental principles from the viewpoint of protecting information about its operations, information about its customers, and information about individuals.
The scope of information asset is defined to include information systems such as hardware, software and storage media, and information stored in information systems, as well as employees who have access to such information.
We adhere to laws, policies and regulations regarding information security.
Information Security Management Structure
The Information Security Director serves as the information security general manager and is responsible for information security. The information security general manager provides and implements necessary measures to control information security for the corporation.
Information System Department is for information security.
The head of the Information System Department is responsible for managing information security and therefore assists the Information Security General Manager in providing and implementing necessary measures to control information security for the corporation.
The information security manager of each division provides and implements necessary measures to control information security for each division.
Protection of Privacy
We consider protection of privacy to be an important issue, and therefore, we provide a Privacy Protection Policy and implement measures to achieve its objectives.
Implementing Information Security Measures
We provide information security regulations to define standards and procedures in order to implement information security measures.
Verification of Compliance
An information control manager at each division verifies that physical security measures, human security measures, technical security measures, emergency response plans and implementation procedures comply with our information security regulations for all information assets at each respective division.
Education and Training
The Information Security General Manager systematically provides education about our policies to our employees.
Our employees recognize the importance of information security and receive education and training to understand and implement our policies.
Repercussion against Violating Regulations
Employees who have violated the information security regulations, as well as their managers, are punishable for violation of employee regulations depending on the severity of violation.
Evaluation and Review
Standards for information security measures are evaluated and reviewed regularly in consideration of changes to our information security regulations, evaluation results of information security measures, and information systems, as well as emerging risks.
Established on June 27, 2016