SustainabilityBasic Policy on Information Security
QUICK Corp. (hereinafter, QUICK), as an information provider using information systems, considers it important that all of the officers and employees of QUICK and all personnel associated with QUICK (hereinafter, the “Officers and Employees”) recognize the importance of securing information assets, strive to maintain and manage them, and provide continuous and stable services that ensure reliability. Therefore, QUICK hereby establishes the Basic Policy on Information Security and strives to appropriately protect the information assets held by the company in accordance with this policy.
We are committed to ensuring information security and conducting our operations in accordance with the policy stipulated below.
1.General Provisions
We set forth specific matters and standards to comply with to ensure the appropriate protection and use of our information assets.
2.Management System
We establish an organizational structure and define roles and responsibilities for maintaining/managing information security.
3.Management and Protection of Information Assets
We evaluate information assets in terms of confidentiality, integrity, and availability, and conduct appropriate information security management according to the level of importance. In addition, our Officers and Employees do not use our information assets for any purpose other than business operations.
4.Human Resource Management
We establish and maintain information security-related regulations, and regularly educate and train all Officers and Employees to ensure that they are well informed of and raise their awareness of their responsibilities, obligations, and penalties for information security.
5.Physical Access Control
To protect information assets from leakage, theft, falsification, and destruction caused intentionally or through negligence, we control physical access to information assets by locking, monitoring, and restricting access depending on the importance of the information assets.
6.Technical Management
We conduct technical management, including access control to information systems, development and operation management of information systems, and measures to prevent leakage, falsification, loss, destruction, or damage of information caused by information systems.
7.Outside Contractor Management
When we outsource operations involving information asset handling, we require the outsourced contractors to manage information security at a level equal to or better than our standards.
8.Emergency Response to Information Security Incidents and Accidents
In the event of an information security incident or accident, we establish a system and procedures to promptly and effectively take countermeasures, and take measures to prevent recurrence.
9.Business Continuity Measures
In preparation for the occurrence of disasters and accidents, we formulate a business continuity plan (BCP) and strive to ensure information security.
10.Compliance
We comply with all laws, regulations, and contractual obligations related to information security.
11.Self-inspection and Internal Audit
We conduct self-inspections and internal audits to verify that information security-related regulations are being complied with and that management measures to ensure information security are appropriate and effective, and take corrective actions as appropriate.