Information Security Policy
Central Nippon Expressway Company Limited (hereinafter referred to as “this Company”) is acutely aware that this Company's information assets are constantly exposed to various threats. Along with thoroughly securing such important information assets which include personal information, we will further strengthen our relationship of trust with our customers and society by being proactively open. For this reason, we stipulate our basic principles for information security here, and promote company-wide efforts on information security measures.
Information assets refer to the information that this Company handles in its business activities, and the information systems necessary for handling information.
(Scope of Applicability)
These principles apply to all persons in contact with this Company's information assets, including officers and employees, affiliated company employees, temporary employees, etc.
This Company stipulates regulations for information security measures and establishes an operational system for such measures, such as assigning a person responsible for security measures, and continues to implement actions for information security including maintenance and improvement.
This Company takes appropriate physical, human, and technical countermeasures to protect and secure information assets from threats such as bugging/wiretapping, intrusion, tampering, destruction, theft, and leakage. In the event that a security threat occurs in an information asset, we will minimize the damage and quickly investigate the cause to prevent recurrence.
This Company trains people who use information assets in the necessary information security measures, and maintains and improves awareness of such measures.
(Evaluation and Review)
This Company periodically evaluates and reviews the contents stipulated in the rules on information security measures, and strives for continuous improvement.
(Compliance with Laws and Regulations)
Directors, employees, and other related parties comply with laws, regulations, rules, and norms related to information security and with contractual obligations related to security agreed upon with customers. In addition, contracts concluded between this Company and external businesses specify items to be observed regarding information security measures.
Executives will lead by example and take responsibility in securing information assets and its countermeasures.
This Company notifies users of this company's information assets regarding these principles, and makes them publicly available.
October 27, 2005