Basic Policy on Information Security
Basic Policy on Information Security
Viet Japan Digital Co., Ltd. (hereinafter referred to as “the Company”) recognizes that ensuring information security is an important management issue. The Company considers it essential to implement appropriate security measures to protect information assets, including customer information collected through business activities and other information handled by the Company.
Through the establishment and operation of an Information Security Management System (ISMS), the Company aims to protect the confidentiality, integrity, and availability of the various information assets it handles in the course of its business, and to prevent security incidents such as information leaks and data falsification.
To achieve these objectives, the Company hereby establishes the following Code of Conduct on Information Security:
Code of Conduct
- Risk Identification and Response
The Company shall identify information asset risks using established procedures and implement appropriate risk responses in order to establish and continuously improve the Information Security Management System. - Clarification of Roles and Responsibilities
The Company shall clearly define roles and responsibilities regarding information security and appropriately manage its information assets. - Education and Awareness
The Company shall conduct educational and awareness activities for all executives, employees, and related parties to ensure they recognize their responsibility for maintaining information security. - Monitoring and Continuous Improvement
The Company shall set and achieve information security objectives, monitor and record the implementation status of the Information Security Management System, and enhance its effectiveness through regular internal audits and management reviews, thereby promoting continuous improvement. - Incident Response and Business Continuity
In the event that any information security incident occurs, the Company shall promptly identify the cause, minimize the resulting damage, and make every effort to ensure business continuity. - Compliance with Laws and Regulations
The Company shall comply with all applicable laws, regulations, social norms, and contractual obligations with customers concerning the handling and management of information assets.
