Security Policy
Basic Philosophy
Prometech Group, Inc., Prometech Software, Inc., GDEP Solutions, Inc. (hereinafter, "our group"), conducts business under the corporate philosophy, "Create future with computational science".
The customer information and other information assets that our group handles as part of our business operations are extremely important to us. All persons who handle our information assets, including our group's executives and employees, are aware of the importance of protecting these information assets. Therefore, in order to maintain and improve the confidentiality, security, and availability of these information assets, we hereby set forth and pledge to enforce this basic security policy.
Basic Policy
- In order to protect information assets, we establish an information security policy and conduct our business in accordance with it. At the same time, we abide by any and all relevant laws, regulations, and other standards, and by any and all matters set forth in our contracts with our customers.
- We analyze the risk of incidents associated with information assets, such as the leakage of, damage to, or loss of information, and clarify the standards for evaluating such risks. We establish systematic risk assessment methods, and assess risks on a periodic basis. In addition, we implement necessary and appropriate security measures based on the results of such assessment.
- We establish an organizational structure for information security, with the Top Management at the core. At the same time, we clarify permissions and responsibilities related to information security. In addition, in order to ensure that all of our employees are aware of the importance of information security and handle information assets appropriately, we periodically conduct education and drills.
- We periodically carry out inspections and audits regarding the status of compliance with the information security policy and the handling of information assets, and implement prompt measures to address any insufficiencies and items for improvement that we find.
- We implement appropriate measures to address the occurrence of information security events or incidents. At the same time, we establish procedures for handling any such incidents that do occur, in order to minimize the damage caused. In the event of an incident, we take prompt action and implement measures appropriately. In addition, we establish a framework for dealing particularly for incidents involving a suspension of business, and review and revise this framework periodically. By doing so, we ensure the continuity of our group's business.
- We establish an information security management system in order to set forth targets for implementing our basic philosophy, and implement this system while also reviewing, revising, and improving it on a regular basis.
【Established on July 26, 2024】
Group CEO FUJISAWA Toshimitsu
Prometech Group, Inc.
Prometech Software, Inc.
GDEP Solutions, Inc.