Information Security Policy

Information Security Policy

Date of enactment: April 14, 2022
Revised: October 1, 2024
Mogic Corporation
Yoichi Yamane, President and Representative Director

(hereinafter referred to as "Mogic") is committed to information security based on the following policy to protect our information assets and those entrusted to us by our customers from threats such as accidents, disasters, and crimes, and to live up to the trust of our customers and society. The information assets covered by this policy shall be all information obtained and acquired in the course of our corporate activities and all information held by us in the course of our business operations.

Basic Philosophy and Scope of Application

These rules are the basic principles of our information security measures and apply to all information assets used in our business activities and all employees, including representative directors, officers, full-time employees, and part-time employees who use such assets.

Information Security System

We will establish and operate a system to ensure the effectiveness of information security measures by appointing a person responsible for information security.

Maintenance of and compliance with internal rules and regulations

In order to protect and properly manage information assets, we will establish regulations similar to our security policy, disseminate them to all employees, including representative directors, officers, and part-time employees, and require them to comply with them, as well as comply with all applicable laws and regulations.

Operation and management of information assets

We implement appropriate and thorough information security measures to ensure the proper operation and management of our information assets.

Information security education

In order to maintain and improve awareness of information security measures and to put them into practice, we provide necessary education and training on information security to all employees, including users and managers of information assets, representative directors, officers, part-time employees, and other related personnel.

6. development and operation of monitoring system

In order to ensure the effectiveness of information security, we conduct audits on a regular and as-needed basis to confirm that we are in compliance with the rules and regulations that are equivalent to the security policy, relevant laws and regulations, and norms on information security established and published by government agencies and industry associations, and that we are functioning effectively. If any violations are found, we will deal with them strictly.

Information security measures

In order to prevent accidents related to the operation and management of information assets, such as leaks, falsification, damage, and unauthorized access, we will implement information security measures in terms of organizational, physical, technical, and personnel safety control measures, and if an accident should occur, we will promptly implement corrective and recurrence prevention measures, In the event of an incident, we will promptly implement corrective measures and measures to prevent recurrence.

Strengthen management system for subcontractors

When outsourcing our business to an external contractor, we will fully and rigorously examine the suitability of the contractor, require information security measures equivalent or superior to those of our company, and conduct regular audits of the contractor to confirm that information security measures are being properly implemented. We will also conduct periodic audits of contractors to ensure that information security measures are properly implemented.

9. ongoing efforts

In order to further ensure the effectiveness of information security, we will continue to improve our information security measures through periodic monitoring and evaluation of the above efforts.