Information security policy

basic principle

Multibook Limited (hereinafter referred to as our company) conducts business based on the philosophy of "making the challenge of overseas management more accessible and easier."
The information assets we handle in our business, including customer information, are extremely important as our business foundation.
Those who handle information assets, including executives and employees, who recognize the importance of protecting information assets from risks such as leakage, damage, and loss, must comply with this policy and ensure the confidentiality and integrity of information assets. , implement activities to maintain information security such as availability.

Basic policy

• Compliance with laws and regulations

  In order to protect information assets, we have established an information security policy and related regulations, and conduct our business in accordance with these policies, as well as comply with laws, regulations, and other norms related to information security, as well as the terms of our contracts with our customers. Masu.

• Building an information security system

  We will clarify the standards for analyzing and evaluating the risks of leakage, damage, loss, etc. that exist for information assets, establish a systematic risk assessment method, and conduct risk assessments on a regular basis. Additionally, based on the results, we will implement necessary and appropriate security measures.

• Improving information security literacy

  We will establish an information security system centered on the executive officer in charge, and clarify authority and responsibility regarding information security. We also provide regular education, training, and awareness to ensure that all employees recognize the importance of information security and handle information assets appropriately.

• Information security audit

  We will regularly inspect and audit the compliance status of information security policies and the handling of information assets, and will promptly take corrective measures for any deficiencies or improvements that are discovered.

• Response to information security events and incidents

  In addition to taking appropriate measures in response to information security events and incidents, we have established response procedures in advance to minimize damage in the unlikely event that they occur, and promptly respond in the event of an emergency. We will respond accordingly and take appropriate corrective measures. In addition, we will ensure the continuity of our business by establishing a management framework and periodically reviewing it, especially for incidents that may cause business interruption.

• Implementing continuous improvement

  We will establish an information security management system that sets goals to realize our basic philosophy, implement this system, and continually review and improve it.