ISO27001 Basic Policy on Information Security
Tanizawa Sogo Appraisal Co., Ltd. provides various valuation services. Through all of our services, we serve with a strong sense of social responsibility and conduct all of our business dealings in the fair and independent. To provide such services, we take the responsibility of protecting our customers’ information strictly. To carry out our responsibility, we will maintain and continuously improve our information security management system. It plays an important role in risk management as well as in corporate social responsibility.
In the following section, we describe our basic policy on information security as it relates to the appropriate protection of information assets under our control. All staff, including executives, understand and follow this policy.
1. Definition of information security
Information security is defined as keeping client’s information `confidential`, `secure `, and `available`.
2. Purpose of the establishment of information security system
By establishing information security, we carry out our social responsibility as well as foster social confidence.
3. Scope of its application
This includes the protection of important information assets, and organizations and facilities which are main themes to be controlled.
When we have to work with outside agents or firms, the scope of shared information has to be approved.
4. Structure of the information security organization
Our company’s information security management system has received the ISO27001 certification. In order to maintain this certification, we continue to maintain, review, monitor, practice, and improve our information security system. Our management provides generous funds to achieve this goal.
5. Specification and treatment dealing of risk
Our company takes steps to ensure appropriate information security control and protection against risk, in order to keep confidential information secure and available.
6. Goals of information security
- We conduct appropriate information security control, and strive to avoid any lapse of information security.
- In case an accident related to information security happens, we minimize the damage, quickly resolve the problem, and then work to prevent similar incidents.
- Every employee acknowledges responsibility towards information security and is fully trained to follow security procedures.
7. Duties of employees
All employees follow the operation manual in regard to different information security related laws and rules, and any other contractual requirements.
8. Compliance Rules
- We practice security procedures with sincerity, strictly adhering to the contracts between our customers and us, as well as to related laws and rules.
- We have an effective business continuity plan, and will be able to continue our services in times of trouble.
9. Continuous improvement
Our company is regularly audited both internally and externally. We pay strict attention to continuously improving our security procedures, and continuously reviewing and objectively evaluating the effectiveness of our information security measures.
The Tanizawa Sogo Appraisal Co., Ltd.
October 1, 2014