Information Security Policy

Information Security Policy

Date of enactment: April 14, 2022
Revised: October 1, 2023
Mogic Corporation
Yoichi Yamane, President and Representative Director

("Mogic") is committed to information security based on the following policy to protect our information assets and those entrusted to us by our customers from threats such as accidents, disasters, and crimes, and to live up to the trust of our customers and society. The information assets covered by this policy shall be all information obtained and acquired in the course of our corporate activities and all information held by us in the course of our business operations.

Basic Philosophy and Scope of Application

These rules are the basic principles of our information security measures and apply to all information assets used in our business activities and all employees, including representative directors, officers, full-time employees, and part-time employees who use such assets.

Information Security System

We will establish and operate a system to ensure the effectiveness of information security measures by appointing a person responsible for information security.

Maintenance of and compliance with internal rules and regulations

In order to protect and properly manage information assets, we will establish regulations equivalent to our security policy, make them known to all employees, including representative directors/officers and part-time employees, and require them to comply with them, as well as comply with all applicable laws and regulations.

Operation and management of information assets

We implement appropriate and thorough information security measures to ensure the proper operation/management of our information assets.

Information security education

In order to maintain and improve awareness of information security measures and to put them into practice, we provide necessary education and training on information security to all employees, including users and managers of information assets, representative directors, officers, part-time employees, and other related personnel.

6. development and operation of monitoring system

In order to ensure the effectiveness of information security, we conduct audits on a regular basis and as necessary to ensure that we comply with rules and regulations equivalent to our security policy, relevant laws and regulations, and information security standards established and published by government agencies and industry associations, and that we are functioning effectively. If any violations are found, we will deal with them strictly.

Information security measures

In order to prevent accidents related to the operation and management of information assets, such as leaks, falsification, damage, and unauthorized access, we will implement information security measures in terms of organizational, physical, technical, and personnel safety control measures, and if an accident should occur, we will promptly implement corrective and recurrence prevention measures, In the event of an incident, we will promptly implement corrective measures and measures to prevent recurrence.

Strengthen management system for subcontractors

When outsourcing our business to an external contractor, we will fully and rigorously examine the suitability of the contractor, require information security measures equivalent or superior to those of our company, and conduct regular audits of the contractor to confirm that information security measures are being properly implemented. We will also conduct periodic audits of contractors to ensure that information security measures are properly implemented.

9. ongoing efforts

In order to further ensure the effectiveness of information security, we will continuously improve our information security measures through periodic inspections and evaluations of the above efforts.