ISO9001 / ISO27001
Thorough quality control and information management
For project quality assurance, we are strengthening in pay particular attention to quality control and information security. Therefore, we have acquired ISO 9001 for quality control and the ISMS ISO 27001 certification for information security from the International Organization for Standardization (ISO).
Initiatives relating to information security
The goal of our activities is to maximize profits of our client’s businesses. For that purpose, the most important thing in terms of shared value perspective are actions based on the client’s point of view; in other words, thinking and acting from the position of the client. In these client-centric activities, there are ample occasions on which we must access data on behalf of the client. As goes without saying, the data that we handle is a highly confidential information asset which must not be leaked externally. Naturally, every member of our staff is fully aware of the need to protect these information assets, keeps this in mind at all times, and takes complete care in handling them.
On the other hand, the environment that ICT businesses currently act in brings about that all information is connected via networking, in accordance with openness and standardization. Additionally, large quantities of information assets can easily be made portable via small storage media. Even if we ourselves are always careful, the reality is that we are exposed to unforeseeable risks. Hypothetically, even if it is only a tiny information leak, the problem wouldn’t only be in terms of client/business profits; the loss of brand image, loss of credibility and damages thereby incurred could be huge.
As such, we recognize the crucial importance of protecting information assets, and consider it to be our social mission to take drastic measures against the risks of them being leaked. Additionally, as well as being aware of important operational issues relating to business operations, we have also created the “information security fundamental policies” as defined below, and we vow to continuously adhere to them. Accordingly, we aim to contribute to the deployment of client business by providing safety and reliability to clients, and to continuously achieve stable and sustainable business operations whilst improve their value.
Information Security Fundamental Policies
Defide Inc. (hereafter, "this company")’s activities aim at contributing to interpersonal communication and communication between people and society, with as main business fields: ICT business consulting, system development and communication design.
- Scope of the information assets
The "information assets" which are covered by these fundamental policies are all forms of information which are obtained by this company in the course of its work, or obtained via business activities. - Information security management system creation
This company will implement, operate, promote and review security measures related to the handling of "information assets". - Development of internal regulations relating to information security
This company will conduct risk analysis of information assets, and create a procedural manual which includes practical measures relating to security. All officers, employees, temporary workers and commissioned employees of this company will adhere to them, and will strive to protect the information. - Implementation of in-house training
In order to ensure the implementation of information security measures, form as well the technical as human point of view, this company will conduct regular and continual training and instruction in relation to information security. - Adhering to these policies, and penal regulations
All officers, employees, temporary workers and commissioned employees of this company will adhere to the orders, regulations, agreements and pledges relating to information security, and take responsibility for their actions in regard to these. In case of violation of any of these, the company will enforce penalties, as stipulated in the employment contracts and pledges. - Reviews of policy and internal regulations
This company will continue to implement multifaceted evaluations of information asset risks, with technical progression and changes to work environment also being considered. Accordingly, this company will reflect these onto information security fundamental policies and various measures, thus aiming for the maintenance and improvements of the information security management system.
Applicable standard | ISO/IEC27001:2013 |
---|---|
Registration number | IS 541988 |
Applicable Scope | 1.The ICT consulting 2.The IT service development 3.The UI/UX design and system design for web/mobile applications 4.The Solution development 5.The construction, operation and management of infrastructure environment |
Applicable organizations | Tokyo office, Fukuoka office |