―――――― Inquiry ――――――
Please inquire about CloudSheetII.
―――― Security policy ――――
1. Establish an information security management system, accurately grasp the current state of operation of our information system, including ISMS management officials etc, and take measures necessary for improving information security from the viewpoint of both technical and operational aspects , Maintain ISMS (Information Security Management System), and make continuous improvements.
2. We will establish risk assessment standards and risk assessment mechanisms and define a systematic approach to risk assessment based on this. Especially for customers' information assets and personal information of employees within the company Confidentiality We emphasize the integrity of know-how accumulated within the company and the availability of our information system, and the risk of identifying threats and vulnerabilities of information assets Perform assessment and clarify security requirements.
3. Internal audit officers and internal auditors regularly audit ISMS basic policies, ISMS manuals, compliance with various standards of each procedural manual, status of risk response plan implementation and compliance status in each department of the Company every year.
4. We will educate all employees about education necessary to thoroughly inform about information security and enlighten them.
5. We will comply with and conform to the information security laws, standards and other norms such as the Personal Information Protection Law, the Unauthorized Computer Access Prohibition Law, the Copyright Law, etc., and comply with these laws, standards and other norms.
6. For the information security purpose framework of our company, we will set it in the "security purpose management sheet".
Yellow Sparrows Company Ltd.