Information Security Policy
The company acquired ISO 27001:2013 certification for information security management systems (ISMS) on August 4, 2015. Having obtained this certification, we will endeavor to further enhance our information security measures, maintain or augment our information security management, and earn additional trust from our customers.
Overview of registered certification
- Organization registered
- SHIFT, Inc.
- Scope of registration
- Development of web-related systems, software testing, maintenance, quality assurance consulting
- Applicable standard
- ISO/IEC 27001:2013
- Certification registration number
- 08928
- Date of initial registration
- October 31, 2012
- Certification registration body
- Intertec Certification Japan Limited

Information Security Policy
We have formulated the Information Security Policy to meet the information security objectives outlined below.
Information Security Objectives
The company handles a host of information assets, including information we retain on behalf of our customers. Partly in order to maintain the trust of our customers, we consider it our responsibility to appropriately implement and preserve appropriate safety management measures for these information assets. To achieve these aims, we promote the Information Security Policy and activities, taking into consideration laws, regulations, regulatory requirements, and contractual information security obligations.
Information Security Policy
We have formulated the Information Security Policy to achieve and support our information security objectives.
Organization-Wide Compliance with Information Security Management System Requirements
- We will fulfill our responsibilities as managers and support efforts to reach the information security objectives.
- We will establish an Information Security Promotion Committee to promote appropriate information security measures.
- People associated with the company will act in accordance with the company’s security regulations, strive to prevent incidents related to information assets and, if an incident should occur, promptly take appropriate measures, including the introduction of measures to prevent recurrence.
- We will promote awareness and training activities related to information security.
Organization-Wide Improvements to the Information Security Management System
- We will periodically review our information security objectives and policies in response to changes in business content, organization, and technologies, striving for ongoing improvements in the information security system.
July 1, 2015
Masaru Tange, President and CEO