Cave Co., Ltd. (hereinafter referred to as "the Company") regarding the management of all information assets handled by the Company, including digital data handled in IT environments such as computers and the Internet, especially regarding the risk of unauthorized access and information leakage. As a company-wide initiative, we have formulated an "information security policy" based on "rules with high feasibility and effectiveness" and "regular review in response to environmental changes such as compliance, social norms, and customer needs." We will comply with this "Information Security Policy" and the separately listed "Privacy Policy", strive for business management that constantly builds and maintains a more advanced information security management system, and as an information and communication service provider, we aim to create a prosperous and sound information and communication society.

1. Information security management system construction

We will endeavor to protect all information we hold, comply with information security compliance and other norms, and build a management system that earns the trust of society and customers. In addition, we will always make necessary reviews as appropriate.

2. Development of internal regulations regarding information security

We have separately established "Information Security Management Regulations" based on the information security policy, and show clear rules regarding the handling of not only personal information but also information assets in general, and take a strict stance against information leakage in particular. We will thoroughly inform both inside and outside the company.

3. Construction of information system to ensure information security

Appropriate work in the security area, restriction and management of access rights to information, etc., and unauthorized access to information assets and occurrence of fraudulent acts and unauthorized use such as leakage, loss, destruction and falsification of the information. We will endeavor to build a system to prevent such problems.

4. Improving information security literacy

We will continue to provide security education to all officers and employees and other related parties, aiming for all persons involved in our information assets to have high information security literacy.

5. Development and implementation of audit system

We will establish an internal audit system and an external audit system that can check the status of compliance with related compliance, regulations, and rules, including this policy. By conducting these audits, we will make efforts more objective and transparent.

Page Top