Information Security Basic Policy Statement

Information Security Basic Policy Statement

Information Security Basic Policy Statement

1 Purpose

Much of the information handled by atGlobal Inc. is confidential information about our clients’ latest products, private information about our clients and translators, and other information that must be handled with great care. We are an information distribution company that our clients can trust. As an information distribution company trusted by our customers, our objective is to ensure customer trust and minimize business losses by preventing incidents related to the security of customer information. Specifically, the following goals shall be set

①Obtain ISMS certification (company-wide compliance with the scope and information security protection specified in Atglobal’s ISMS)

②Raise the information security awareness of all staff. To this end, enhance education and training, increase accessibility of documents related to information security, etc.

2 Definition of information security

Information security means ensuring and maintaining confidentiality, integrity and availability.

(1) Confidentiality: the ability to disclose information to unauthorized individuals, entities ( Confidentiality: A property that makes information unusable or private to unauthorized individuals, entities (organizations, etc.), or processes. (Confidentiality: the property of making information unavailable or private to unauthorized individuals, entities, or processes.)

(2) Completeness: Characteristics that protect the accuracy and integrity of the asset. (i.e., protecting against falsification or errors in information.)

(3) Availability: the ability for authorized entities (organizations, etc.) to (i.e., an authorized entity) is able to access and use the information when requested. (i.e., protection against loss or corruption of information or system outage).

3 Scope of Application

[Organization]: Atglobal Inc.

[Facility]: Head office in Omotesando (headquarters and central administrative functions)

[Operations]: Management, General Affairs and Labor Relations Department, Accounting Department, Translation Department, Overseas Research Department

Digital Marketing Department (Consulting Department)

[Assets]: Documents, data and information systems related to the above operations and services

[Network]: Network environment for 45 home-based staff to connect to the Internet

4 Implementation Matters

(1) All information assets in the scope of application are protected against threats (leakage, unauthorized Establish, implement, operate, monitor, review, maintain, and improve an information security management system to protect all applicable information assets from threats (leakage, unauthorized access, alteration, loss, or damage).

(2) Handling of information assets shall comply with relevant laws, regulations and contractual requirements.

(3) Prevention and recovery procedures shall be developed to ensure that business activities are not interrupted by a major failure or disaster.

Reviewed on a regular basis.

(4) Education and training on information security shall be provided regularly to all employees in the applicable scope.

5 Responsibilities, duties and penalties

(1) Responsibility for information security lies with the Representative Director. To this end, the Representative Director shall provide the resources needed by the staff in the scope of coverage.

(2) The “Information Security Basic Policy Document” shall be formulated by the Information Security Committee and approved by management.

(3) Staff within the scope of application shall be obligated to protect customer information. shall be obligated to protect customer information.

(4) All applicable staff must follow procedures established to maintain this policy. shall follow established procedures.

(5) Scope staff shall report information security incidents and weaknesses.

(6) In the event that a member of the applicable staff commits an act that jeopardizes the protection of the information assets handled, including but not limited to customer information, the member shall be punished in accordance with the employee work rules.

6 Periodic Review

Reviews of the information security management system shall be conducted periodically to adapt to changes in the environment.



Date 2022 Nov. 13th


Signature Hiroichi Goto