Basic Policy on Information security

Our basic philosophy is to draw out the true needs of our customers through our business know-how and IT skills that we have cultivated since our inception, and to provide detailed, easy-to-use, and thoughtful services.
Recognizing the importance of protecting valuable information assets, such as corporate information, personal information, confidential information, etc., of customers who have learned about our business execution in the recent development of remarkable informatization, establishment of information security needs to be positioned as one of the management issues.
Based on this recognition, in principle, we will not hold information assets that require special protection as much as possible, while making the following basic policies for information assets that need protection, we will engage in our business strive to ensure that people are well informed and thorough.

Basic policies


1.Definition of information security
(1) Ensure that only authorized persons can access information.
(2) Protecting that information and processing methods are correct and complete.
(3) Ensure that authorized users have access to information and associated assets when required.


2.Purpose of information security
(1) To enhance the business continuity plan.
(2) Conduct appropriate handling in accordance with evaluation value of information assets.
(3) Conduct disciplined business activities based on ethics and sense of responsibility.
(4) Thoroughly prevent leaks of customer information assets handled for the purpose of business operation.
(5) Enlightenment for all employees through regular information security education.
(6) Minimize business loss when a security incident occurs.


3.Scope of the information security
(1) Applies to all information assets regardless of owned or temporary owned associated with computer system contract development business.
(2) Apply to all information assets associated with our internal operation management.
(3) Apply to all information assets in our office.
(4) Apply to all information assets on our website.
(5) Apply to all information related to business operation in the notebook PC when using a notebook PC owned by our company or owned by an employee for the purpose of business operation.
(6) Applies to all information assets that persons engaged in business activities performed by our company.


4.Mission of the responsible person
We appoint an information security officer.
The person in charge of information security shall promote information security management across the company.
We change and increase information security officers as needed.


5.Regular review
The review of the information security management system shall be carried out regularly in order to keep pace with environmental changes.


6.Effective date
This policy takes effect on October 1, 2011.

Revised on June 11, 2019.

© Real designing co., ltd.