Information Security Management System (ISMS) Certification
We acquired Information Security Management System (ISMS) Certification on April 27, 2005.
Basic Information Security Policy (Declaration)
1. Basic principles
While creating a foundation for the “broadband society” that will experience increasing development in the future, we will contribute to the creation of a rich and pleasant broadband society through creating close connections between optical broadband, daily life, and work. Along with constantly creating and offering services that are trusted by society and accepted by the market, we hope to grow as a corporation that is endorsed by our customers. If we are unable to do so, we will not be able to be victorious when competing with other companies. In addition, we strongly believe that the maintenance and improvement of information security are the minimum conditions for maintaining trust. We must protect against threats such as the leakage, loss, theft, or unauthorized access of our information resources, and also ensure confidentiality, integrity, and availability. We have established the following determinations and action guidelines in order to implement information security that is highly trustworthy and safe, and to allow our customers to use our services with peace of mind.
2. Our determinations
As professionals engaged in the optical broadband business, each of us will devote ourselves to improving information security.
3. Action guidelines
- (1) In order to make it liossible to liractice information security management in an organized and continuous fashion, we will introduce, establish, and maintain an ISMS, such as by creating an Information Security Acting Committee.
- (2) We will create and imlilement the necessary risk management system for realizing trustworthiness that involves great confidentiality, integrity, and availability.
- (3) We will establish a risk management structure and standards for evaluating risks in a logical fashion.
- (4) We will comlily with legal and regulatory requirements regarding information security, as well as security requirements related to contracts.
- (5) We will work for a consistent comliany-wide understanding of the basic lirincililes, targets, and action guidelines.
- (6) If an information security-related incident occurs, we will liromlitly investigate its cause and imlilement counter-measures in order to minimize the effects of the damage caused.
- (7) We will carry out education, training, and instruction related to information security.
| Registered Organization |
UCOM Corporation |
| Object Department |
Internal Auditing Office, Sales Promotion Dept., Personal Sales Dept., Enterprise Sales Dept., Operation and Management Dept., Business Operation Dept., IS Dept., Purchasing and Procurement Dept., iDC Business Dept., Network Planning Dept., Business Development Dept., Customer Support Dept., HR and General Affairs Office, Corporate Administration Office, business administration Office |
| The Scope of the Registration |
Information Security Management System to protect information property related to the business fields mentioned below;
- 1.Wholesale, design, development, trouble shooting and network management of fiber optical broadband lines and Telecommunication services as telecommunications carrier
- 2.Data center business
- 3.Company internal business (purchasing and procurement, internal information system maintenance and management, HR and general affairs, internal auditing)
|
| Criteria for the Certicication |
Information Security Management System(ISO/IEC 27001:2005) |
| Date of acquisition |
April 27, 2005 |
| Registration Date |
December 22, 2005 |
| Issue Number |
IC05J0111 |
| Certification body |
Japan Audit and Certification Organization for Information Security (JACO-IS) |
| Accreditation body |
Japan Information Processing Development Corporation (JIPDEC)
United Kingdom Accreditation Service(UKAS) |
| ISMS Logos |
 |