Information Security Policy
1. Fundamental Principles
Tricor K.K. (hereinafter referred to as the “Company”) carries out its outsourcing services based on information provided by its clients and recognizes that the appropriate security management of these information assets, including the product of the Company’s work itself, is a source of security and trust held by clients and is the highest business priority.
As the nature of the environment that the Company operates in is constantly changing, it is essential that the Company strive for continual improvement in order to manage and maintain appropriate control over its information assets. To this end, the Company shall create and maintain an Information Security Management System (ISMS) that is recognized and followed by all employees of the Company in the exercise of their duties.
2. Information Security Objective
The Company’s information security objective is to safeguard and appropriately manage its information assets, including its clients’ information. In order to achieve this objective, the Company will proactively take appropriate and timely actions to develop and implement required information security measures.
3. Information Security Measures
|a.||Establishment of an Information Security Office|
The Company will establish an Information Security Office to develop the most appropriate security measures as well as to promote security enhancement activities.
|b.||Provision of Education Programs|
The Company shall provide awareness and educational training programs regarding information security to all employees.
|c.||Periodic Compliance Review|
The Company shall conduct periodic reviews of its ISMS to ensure that it is in compliance with applicable laws, regulations, international standards, and requirements derived from contractual obligations.
|d.||Incident Readiness and Response|
The Company shall ensure that all directors and employees act in accordance with security rules and regulations to prevent the occurrence of any information security incidents. In the event of the occurrence of such an incident, corrective actions will be taken immediately and appropriate improvement measures shall be identified and implemented.
|e.||Commitment to Continual Improvement|
The Company shall continually improve its ISMS in order to ensure that it is in line with changes in the scope of the business, organizational structure and technical advancements.
Established: January 13, 2010
Modified: October 4, 2016
CEO Henry Tan