Information Security Policy
We have acquired ISO/IEC 27001 certification, an international standard for information-security management systems (ISMS). With the acquisition of this certification as an opportunity, we accelerate to promote information security measures more than ever, while striving to maintain and improve information security management to further enhance customer trust.
Overview of registered certification
- Organization registered
- SHIFT, Inc.
- Scope of registration
- a) Development and maintenance of IT system
b) Testing and support services for system software; Consultation service for quality assurance of the system - Applicable standard
- ISO/IEC 27001:2022
- Certification registration number
- JUSE-IR-453
- Date of initial registration
- October 31, 2012
- Certification registration body
- Union of Japanese Scientists and Engineers ISO Center
Information Security Policy
We have formulated the Information Security Policy to meet the information security objectives outlined below.
Information Security Objectives
The company handles a host of information assets, including information we retain on behalf of our customers. Partly in order to maintain the trust of our customers, we consider it our responsibility to appropriately implement and preserve appropriate safety management measures for these information assets. To achieve these aims, we promote the Information Security Policy and activities, taking into consideration laws, regulations, regulatory requirements, and contractual information security obligations.
Information Security Policy
We have formulated the Information Security Policy to achieve and support our information security objectives.
Organization-Wide Compliance with Information Security Management System Requirements
- We will fulfill our responsibilities as managers and support efforts to reach the information security objectives.
- We will establish an Information Security Promotion Committee to promote appropriate information security measures.
- People associated with the company will act in accordance with the company’s security regulations, strive to prevent incidents related to information assets and, if an incident should occur, promptly take appropriate measures, including the introduction of measures to prevent recurrence.
- We will promote awareness and training activities related to information security.
Organization-Wide Improvements to the Information Security Management System
- We will periodically review our information security objectives and policies in response to changes in business content, organization, and technologies, striving for ongoing improvements in the information security system.
July 1, 2015
Masaru Tange, President and CEO