Security Control / Information Security
Information Security Policy
We regard all of our own information assets as one of our management resources. Through the proper protection and effective use of our information assets, we pursue healthy maintenance and development of our business.
- We establish rules that clearly define the system and responsibilities for the protection and management of all the information assets including the information we keep for our customers, the know-how and intellectual properties owned by our Group, and personal information.
- We comply with laws, ordinances, and regulations regarding information security.
- We educate all executives and employees who handle information assets about the importance of information security, and about specific items to be observed.
- We continuously update the information infrastructure for the maintenance and improvement of the confidentiality and stability of all the information assets.
- We promote measures to prevent accidents in order to address the risks of information leakage associated with the continuous advancement and sophistication of information technology. Should an accident occur, we will strive to minimize the damage and take preventive measures against recurrence.
We have established the Group Information Security Regulations and Confidentiality Management Regulations, striving for appropriate protection and management of confidential information, including the information of the NGK SPARK PLUG Group, personal information of customers and suppliers. Even in the use of electronic information equipment such as wireless LAN and mobile terminals, we will conduct information security management with due consideration in compliance with relevant laws and regulations.
Conducting Continuous Security Measures
We are continuously handling the risk of threats to corporations and organizations dealing with information securities. Furthermore, with the increase of the damages caused by recent cyber security attacks, we are establishing a professional team, including experts outside the company, CSIRIT (Computer Security Incident Response Team) in order to respond to the information security incident.
Carrying Out Periodic Inspections Related to Confidentiality Management
To ensure that the confidentiality management rules we established do not become rules in name only, the Confidentiality Management Committee performs annual company-wide inspections of the status of confidentiality management. As measures for the inspection, we have adopted a method of carrying out mutual interdivisional inspections in addition to the self-checks carried out in the past to strengthen the checking function.
Furthermore, we have not only established rules for confidential information handled in-house, but also rules to prevent leaks of confidential information taken outside the company, including procedures for the use of mobile PCs and cloud service, and we carry out checks on the operational status of these rules.