Security PolicyInformation Security Policy

TANABE CONSULTING CO.,LTD. (hereinafter referred to as "the Company") hereby establishes a policy for information security measures with the aim of properly handling and properly protecting the information assets held in the course of business in order to realize its management philosophy.
We will continually implement measures based on this policy and improve our standards, aiming to be a safe, stable organization that is always trusted by our customers and other stakeholders. Information regarding our privacy policy is available here.

Updated: October 1, 2023
TANABE CONSULTING CO.,LTD.
Osaka Head Office 3-3-41 Yodogawa-Ku, Osaka-city, Osaka, Japan 532-0003
President and CEO Takahiko Wakamatsu

1. Establishment of information security management system
   

   We will appoint an information security manager to promote the information security management system, and appoint information security officers in each department to maintain and improve information security. We will also regularly audit these efforts and establish a system to strive for improvement.

2. Information Security Measures
   

   We will conduct risk assessments to ensure the confidentiality, integrity, and availability of information assets, and implement appropriate measures in terms of organizational security, human security, physical security, and technical security.

3. Document preparation and review
   

   We will establish internal rules to ensure that information security systems and measures are established and that information users are obligated to comply with them. In addition, we will review this information security policy as appropriate in light of changes in the business environment, social environment and laws and regulations, the latest trends in information-related technology, and newly discovered risks, and will make continuous improvements.

4. Compliance with laws, regulations, national standards and contractual requirements
   

   In order to avoid violations of information security-related laws, regulations, national standards, contractual obligations, and security requirements, we will implement measures to comply with these requirements.

5. Security measures for outsourcing
   

   When outsourcing operations, we will screen the suitability of the contractor and review the contents of the contract to ensure the protection of confidential company information and personal information, and make improvements.

6. Prevention and response to security incidents
   

   We strive to prevent information security incidents, and in the unlikely event that an incident does occur, we will promptly take appropriate measures, including measures to prevent recurrence.

7. Handling of Personal Information
   

   Regarding the handling of personal information, we will establish a separate privacy policy and strive to protect such information, in recognition of the fact that protecting personal information is an extremely important social responsibility in today's highly information-driven society.

8. Education and training on information security
   

   In order to maintain and improve our information security standards, we will continually provide necessary education and strive to deepen information users' understanding of relevant laws and regulations.

9. Business Continuity Management

   We will strive to continue our business by minimizing business interruptions caused by accidents, breakdowns, and negligence, as well as intentional misuse of information assets, as much as possible.