For our company, information assets (information and information systems, etc.) are a source for generating profits and the most important asset in providing cloud services and related business activities. Preventing information security incidents is a social responsibility. To protect information assets from information security threats, we handle information assets correctly and safely, implement information security based on management strategy, and respond to customer trust.
1. Our company establishes the following security objectives and diligently implements all measures to achieve these objectives.
[Security Objectives]
- We respect contracts with customers and legal or regulatory requirements.
- We prevent information security incidents from occurring.
- We protect information assets from information security threats.
2. Our company appropriately constructs and operates an Information Security Management System (ISMS) by expressing the management's intentions regarding our company's approach to information security and clarifying the main action guidelines based on it. We strive to ensure the confidentiality, integrity, and availability of important information assets, and continuously ensure its effectiveness.
3. Our company establishes an Information Security Management Representative and an Information Security Committee to operate the ISMS, and develops the necessary organizational structure for its operation.
4. Our company establishes systematic procedures and evaluation criteria for risk assessment to maintain the risks of all important information assets we handle at an acceptable level, and we will take appropriate risk countermeasures based on risk assessment.
5. Our company conducts regular training for all employees to maintain and improve the ISMS, and measures its effectiveness.
Above
January 27, 2017
UPWARD, Inc.
UPWARD, Inc. has been certified under the international standard for Information Security Management Systems (ISMS), 「ISO/IEC27001:2022 / JIS Q 27001:2023」. With this ISMS certification, a third-party audit and registration body has certified that our company has an appropriate information management system in place from a security perspective. The outline of the certification is as follows:
