Primary contents from here.
Introducing the information security system of our group.
Our information security management system
We proactively reinforce our information security system to ensure that management and other confidential information and personal data are not leaked. Regarding the our information security management system,we stipulate the Information Security Policy,and complies with administrative provision on Information Security at the same time. The status of information management is subject to verification through the submission of reports by executives in charge of the planning department to the board of directors. We have also established a disclosure committee within the company as part of our internal control system to strengthen our controls on information disclosure.
The information security management system of Okasan Securities Co., Ltd.
Okasan Securities Co., Ltd., has internal regulations and internal rules governing the use of computers and other information terminals as part of the management of system and information risks. Our information management system applies to the duties executed by executives and employees. In addition, by using access logs, operational monitoring, and access restrictions based on filter functions, the system prevents the unauthorized disclosure of personal data and confidential information. Furthermore, initiatives are in place to improve the awareness of information security by executives and employees through training sessions and other programs.
Complying with the Act for the Protection of Computer Processed Personal Data held by Administrative Organs
The appropriate management of personal information obtained from our clients is a social responsibility for which Okasan Securities Group Inc. and the Group as a whole are developing a personal information protection system.
The Privacy Policy addresses the handling of personal information and is employed by Okasan Securities Co., Ltd., and other securities companies in the Group. Members of the public can read it by visiting our website or any of our branches. In addition, efforts to prevent leaks of personal information are bolstered by internal regulations, rules governing the use of computers and other information terminals, and other regulatory provisions applicable to daily operations, as well as by regular internal inspections. Furthermore, training and education programs directed at executives and employees improve the awareness of the need to protect personal information.
A group company Okasan Business Service Co., Ltd. has been granted JIPDEC Privacy Mark certification by the Japan Information Processing Development Corporation.
Furthermore, Okasan Information Systems Co., Ltd. has acquired the certificate of the Information Security Management System (ISMS).
Certification outline of Privacy Mark
| Company name | Okasan Business Service Co., Ltd. |
|---|---|
| Type of business | Personnel dispatching and back-office functions undertaken on behalf of clients |
| Certification number | No.10860885(08) |
| Expiration date | September 7, 2022 |
- The Privacy Mark is a certification mark administered by JIPDEC and granted to businesses that have implemented systems for the appropriate protection of personal information in compliance with the JIS (Japan Industrial Standards) Requirements for Compliance Program on Personal Information Protection (JIS Q15001).
Certification outline of ISMS
| Company name | Okasan Information Systems Co., Ltd. |
|---|---|
| Registration number | IS 552057 |
| Scope of registration | System design, development, maintenance, operation, sales and introduction support related to the securities business |
| Standards | ISO/IEC 27001:2013, JIS Q 27001:2014 |
| First certificate registration date | February 10, 2010 |
| Expiration date | February 9, 2025 |
- The ISMS certificate is certification of a management system that maintains and improves in a balanced manner the confidentiality, integrity and availability of information assets that an organization should protect.