IHI Information Security Policy
IHI Group Information Security Policy
The IHI Group hereby sets the following IHI Group Information Security Policy for the purpose of ensuring the security of information assets in its possession and thereby further solidifying its trust-based relationship with customers, users and society.
1. Basic Activities
The IHI Group will take appropriate measures with technology, organization and employees, in order to protect information assets against any leakage, theft, loss, destruction, illegal access, and disaster. In the event of any security problem regarding this information, the IHI Group will locate the cause as quickly as possible, and exert every possible effort to minimize the damage incurred.
"Information assets" refer to the information the IHI Group handles in the course of business activities, regardless of the type of media, and the equipment, facilities and services necessary for handling such information.
This Information Security Policy applies to all those using the information assets of the IHI Group, including but not limited to officers and employees of the IHI Group companies and temporary staff.
4. Compliance with Laws, Regulations, etc.
The IHI Group will strictly observe the laws, regulations and codes pertaining to the protection of information assets, and the requirements and obligations regarding information security provided for in the agreements with the customers.
The IHI Group companies will provide all those using the information assets of the IHI Group with the necessary education on information security to enhance and maintain their awareness thereof.
6. Management of Information Security
The IHI Group companies will establish a mechanism of implementing and managing information security by taking such measures as establishing rules concerning information security and appointing persons in charge of information management, thereby conducting, maintaining and improving information security activities on a continual basis.
7. Responsibilities of Senior Management
The Senior Management of the IHI Group will set the example of enforcing this Information Security Policy. In the event of any infringement of this Policy, they will address the situation properly by defining their authorities and responsibilities, and do their utmost to resolve the problems, diagnose their causes, and prevent their recurrence.
Any action in violation of the rules of information security will incur punishment according to regulation regarding employment of the IHI Group companies.
This Information Security Policy will be announced and notified to all those using the information assets of the IHI Group as well as being announced to the public.