EPOCA Marketing Co., Ltd. (hereinafter referred to as “EPOCA”) recognizes that the proper management of our information systems is a critical component of our business administration, and in order to provide the utmost reassurance to our clients in providing our services, we will adhere to the following initiatives related to our information security, which we put forth as our Information Security Policy.
The information assets subject to this Information Security Policy include all information acquired, become known to or retained by EPOCA as part of our business operations.
1. Information Security Management System
EPOCA has established a system to ensure the protection and proper management of all retained information assets. An information security committee composed of managerial staff meets regularly to assess the status of information security throughout the company, and supervisors are assigned at each department to ensure the swift implementation of information security measures.
2. Internal Rules and Regulations
EPOCA has established internal regulations regarding information security and ensures thorough dissemination and implementation of clear policies and rules to protect and appropriately manage information assets.
3. Establishment and Enhancement of Audit System
EPOCA implements audits regularly and as deemed necessary to ensure business operations are conducted in compliance with national laws and internal regulations and rules related to information security and verify their effective implementation.
4. Appropriate Information Security Measures
In order to prevent unauthorized access, destruction, leakage, falsification, etc. of our information assets, EPOCA implements security measures using organizational, physical, technical, and personnel-based security management approaches.
5. Initiatives to Enhance Information Literacy
EPOCA provides ongoing education and training to all employees to enhance information security literacy and the proper management of its information assets.
6. Management of Information Security when Outsourcing to Vendors
When outsourcing tasks to vendors, EPOCA thoroughly evaluates the vendors’ qualifications and requires them to maintain security measures that are equivalent to or exceed the standards of those at EPOCA. To ensure these security measures are appropriately maintained, we provide regular education and conduct periodic audits with our vendors.
7. Ongoing Improvement Measures
EPOCA continuously takes action to enhance information security by establishing and operating an information security framework throughout the company and conducting periodic evaluations and reviews.
8. Measures Taken for the Secure Management of Personal Information
In order to take rigorous precautions when handling personal information, EPOCA has established personal information protection regulations based on the policies outlined in JISQ15001 and operates a personal information protection management system with a clear understanding of the external environment. Additionally, when handling personal information, we implement measures across four key areas: organizational, personnel-based, physical and technological.