閉じる

Management

Information Security (ISO27001)

ISO27001 basic policy

At Proface Systems Co.,Ltd., we created an “Information Security Management System” (ISMS), which is based on international information security management system standard: ISO/IEC 27001:2013,JISQ27001:2014. In additional, we enhanced our information security management policy as below.

Purpose

With the development of recently technology, life is getting more convenient. In other hand, there is a greater risk for information overflowing and unauthoried access. In such situation, we understand that our basis of business activities are protecting and handling information, as a social responsibility.
Also, as PFS are trusted by our customers, we defined information security management as our first priority, in order to enhance customers trust as well as avoid any business loss.
Therefore, we set this policy with the aim to operate, operate our information security management properly.

Definition of information security

The information security means to be maintained to ensure the confidentiality, integrity and availability.
  1. The Confidentiality: Individuals, entity (organizations) or process which should not be accessible or informed to public(To avoid information leakage and unauthorized access)
  2. Integrity: Characteristics to protect the accuracy and completeness of assets (that it be protected from tampering and mistakes of information.)
  3. Availability: When the authorized entities (organizations) requests, access and use are possible characteristics. (To protect from loss, damage or shutting down the system of information.)

Scope of application

  • 【Organization】:Proface Systems Co.,Ltd
  • 【Facility】:Company-wide / all departments
  • 【Business】:System development work, bridge SE training, paid personnel introduction / dispatch work, Japan-China advance consulting work
  • 【Assets】:Documents and data related to the above operations and services
  • 【Network】:Company-wide network

Implementation matters

  1. Because all the information assets of the applicable range are threat (leakage, unauthorized access, alteration, loss, damage), an information security management system is established in order to protect, implementation, operation, monitoring, review, it is assumed that the maintenance and improvement.
  2. Handling of information assets, it is assumed that to comply with the relevant laws and regulations and contractual requirements.
  3. As business activities are not interrupted from a serious failure or disaster, we have formulated the prevention and recovery procedures, it is assumed that a periodic review.
  4. Information security education: Training for all employees will be carry out regularly

Responsibility, Obligation and Punishment

  1. Representative director has responsiblity in information security. For that, representative director shall provide the resources staff of the scope requires.
  2. All related staff have responsibility to protect the customer information.
  3. All related staff have responsibility to follow the procedures for maintaining the policies.
  4. All related staff, have responsibility report any accidents or weaknesses with respect to information security.
  5. Any related staff who carry out bad behaviour in accordance with information (not limited at customer information), will be punished by company rule.

Periodic review

This basic policy is revised every year. However, if a significant change has occurred in the business environment, it will be revised appropriately.

Enactment Date:September 18, 2012

Update Date:September 30, 2020

Proface Systems Co.,Ltd
Representative Director Kazuki Den

Consultation and inquiry

Proface Systems Co.,Ltd. Management Headquarters
〒103-0015 Nihonbashi, Chuo-ku, Tokyo Hakozaki-cho 18-11 COSMO8-4F
TEL: +81 03 5643 7768
FAX: +81 03 5643 7769
EMAIL: info@proface-sys.com

ISO27001 Authentication certificate

ISO27001 Certification