Go to the text

Information Security Basic Policy

Established: June 1, 2004
Last revised: October 1, 2016
SB Technology Corp.
Representative Director President & CEO Shinichi Ata

SB Technology Corp. (hereinafter referred to as the "Company") has a corporate philosophy of "Information Revolution - Happiness for everyone- Creating the future with the power of technology", and through the provision of ICT services, we aim to enrich information technology. We aim to contribute to the realization of society.
As the core company responsible for the ICT services business of SoftBank Group, which is promoting contributions to humanity and society through the information revolution, we continue to take on the challenge of creating new added value through the power of technology.
In order for you to use the various solutions and services created by such technological innovations with peace of mind, we have established the following information security basic policy and strive to prevent security incidents and accidents and implement continuous information security measures.

1. Scope of application

This basic policy applies to the "information assets" that our company handles in our business activities. Information assets refer to information, data, information systems, networks, and equipment owned or operated and managed by our company, and include anything that our company deems necessary in the course of business development, regardless of whether it is tangible or intangible. .

2. Establishing an information security system

The Company shall establish an information security management system centered on the management team, and shall make efforts to maintain and improve information security. We will also establish a system to regularly audit these efforts and strive for improvement.

3. Assignment of “Chief Information Security Officer”

We will establish a Chief Information Security Officer (CISO) and organize an Information Security Measures Council. This allows us to accurately understand the information security situation at the company-wide level and proactively take necessary measures to promptly implement them.

4. Establishment of internal regulations regarding information security

We have established internal regulations based on our basic information security policy, and we have established clear policies regarding the handling of not only personal information but also information assets in general, and we are ensuring that everyone inside and outside the company is aware that we will take a strict stance against information leaks.

5. Protection of information assets

Our company recognizes the importance of all information assets in its possession from the perspectives of confidentiality, integrity, and availability, performs risk assessments, and strives to protect information assets appropriately under an information security system.

6. Strengthening the management system of subcontractors

When our company concludes a business outsourcing contract, we will thoroughly examine the suitability of the outsourcing company and request that they maintain a security level that is equal to or higher than our own. In addition, in order to continue to confirm that these security levels are being maintained appropriately, we will continually review our subcontractors and strive to strengthen our contracts.

7. Implementation of information security education and training

Our company regularly conducts educational activities for all executives and employees with the aim of thoroughly implementing and improving information security initiatives.

8. Response to security incidents/accidents

If a security incident or accident occurs, or if there is a sign of it, our company will promptly respond and take necessary procedures.

9. Compliance with laws and regulations

Our company complies with all laws and other guidelines applicable to the information security that we engage in.

10. Review and improvement

Our company will periodically review and improve this policy in response to changes in management policy, business content, social changes, technological changes, changes in laws and regulations, etc.

Prohibited Unauthorized reproduction

ISMS certification
ISMS certification registration scope: Head office, Shiba Daimon, Tennozu, Osaka, Nagoya, Fukuoka, Toyama