By use of the following kinds of policies, the Chiba Convention Bureau and International Center (below, “CCB-IC”) will put into place such appropriate information security measures as will protect CCB-IC’s information properties from all threats, regardless of whether they are by intent or by accident.
2. Scope of Application
The scope of this security policy applies to all of the information properties CCB-IC uses in business, those facilities used to protect such information properties and all staff employed at CCB-IC (below, “the employees”) as well as those places work has been consigned to.
3. Definition of “Information Properties”
Information properties refers to all information born from business affairs, regardless of medium, whether it is information by way of computer, etc., created electronic records or information which has been printed out on paper.
4. Management Systems
(1) In addition to establishing a system to drive forward security measures for information properties, CCB-IC will educate individuals on security information so that they will observe the information security policy more thoroughly. Furthermore, in such cases that accidents do occur, in addition to keeping damages to a minimum, CCB-IC will also investigate the cause of accident and take appropriate steps to prevent such accidents from occurring in the future.
(2) Aside from observing the regulations stipulated in the second paragraph of the fourth article of the “Working Regulations” (on the prevention of leaking secrets learnt on duty), the employees will understand the contents of the “Law on the Protection of Personal Information,” implement such information security measures as are based upon the “Standards for Information Security Measures” (by-law), and confirm that necessary measures with regards to third person parties from places of business, etc., are being implemented.
5. Physical Security Measures
(1) CCB-IC will appropriately protect the office and its facilities and such equipment and networks as deal with information properties, etc., from being exposed to such dangers as theft, manipulation and destruction, etc.
(2) The employees will appropriately protect information properties from being exposed to such dangers as theft, manipulation and destruction, etc.
6. Measures against Unauthorized Access
(1) In order to prevent information leaks or manipulation, CCB-IC will determine who has authority to refer to and use information resources, and manage them so that only those who have legitimate, business-necessitated reasons may have access.
(2) CCB-IC will take appropriate measures to prevent unauthorized access.
(3) The employees will use passwords, equipment, etc., with a full understanding of the importance of managing such access.