As part of our IT solution service business, SignalBase, Inc. (hereinafter “Company”) is engaged daily in providing our customers with one stop integration services based on sophisticated technology and high standard of quality.
In the event of our customer’s confidential and private information leaking, this would have a serious impact on our customer and system user and result in losing trust from our customers and society, and potentially threaten the survival of our business and lead to a corporate financial crisis.
Because of this, we believe that protecting our customers’ information assets such as systems and data along with our Company’s information assets as a management resource is our Company’s basis for operations and social responsibility, and we shall enforce the following Basic Policy prepared to share internally and externally with the general public.
We shall establish, introduce, operate, monitor, review, maintain and improve information security management systems to adequately protect information assets entrusted by our customers as well as our Company’s information assets from all threats, including negligence, accidents, disasters, crime, leaks, unauthorized access, modifications, and damages.
The scope of application of the present basic information security policy, information held by the Company, operation and management, data and information systems, network and equipment for these conservation, as well as our all officers involved in the information assets, employees and contractors employees is.
We shall strictly abide by the Personal Information Protection Act, Cybercrime Protection Act, Unauthorized Access Prohibition Act, Unfair Competition Prevention Act, Telecommunications Business Act, Copyright Act, and security requirements stipulated in other regulations and guidelines, as well as confidentiality agreements with customers.
We shall appoint an ISMS (Information Security Management System) Manager, and establish an Information Security Committee, System Audit Office, as well as a Risk Management Committee to systematically and seamlessly provide information security services.
Our highest priority shall be protecting the confidentiality of information assets connected to our customers’ systems, and we shall identify information asset threats and assess and evaluate risks on a continuous basis.
We shall formulate preventative and restoration procedures and review them on a regular basis while considering its availability to prevent interruption of business activities from serious impediments and disasters.
We shall provide information security education and training on a regular basis to all applicable individuals, and conduct our operations with the understanding that adequately managing information assets is an important social responsibility.
January 5, 2015