ISO/IEC27001 Scope of CertificationLanguage One Corporation has obtained the certification of International Standard “ISO/IEC27001 (referred to as ISO27001)” and Domestic Standard “JIS Q 27001” under Information Security Management System (ISMS).
Scope of Certification : Operation of Multilingual Contact Center
Statement of Applicability January 17th, 2017 Second edition
Registration Date : February 26th, 2017
Certification/Registration Body : BSI Group Japan K.K.
Language One Corporation
President Junichi Arai
Information Security Policy[Information Security Objectives]
The Company will protect its own information assets as well as the customer’s information assets from threats, and will preserve the necessary information security measures. It is our social responsibility to maintain a stable operation, and to realize this objective, we will implement the Information Security Policy. All employees within our scope (executives, permanent employees, contract employees, part-time employees, temporary employees, group company employees, outsourced employees, including the employees of subcontractors) must understand and comply with the Information Security Policy, rules, and procedures.
[Definition of Information Security]
Information security is a field that protects the information assets from threats and ensures the confidentiality, integrity and availability of information.
Confidentiality: Ensures the information is accessible only to those who are authorized.
Integrity: Protects the accuracy and integrity of information and its processing method.
Availability: Ensures that authorized users have access to information and assets when they are required.
[Information Security Goals]
The Company will establish the following information security goals.
① Ensure the confidentiality of information assets, and prevent information leakage.
② Ensure the integrity of information assets and prevent unauthorized alterations.
③ Ensure the availability of information assets, and make information available when they are needed.
④ In the event of an information security incident, we will minimize the damage, make prompt restoration, and prevent the incident from reoccurring.
[Organizational Structure for Information Security]
Establish an “Information Security Committee” for implementing information security measures. Furthermore, the President will nominate the person responsible for the overall management of information security.
[Performance of Risk Assessment]
The establishment and continuation of ISMS will be performed in line with the organization’s strategic risk management. Furthermore, risk assessment will be performed and if threats and vulnerabilities are identified in the areas of confidentiality, integrity, and availability of information, we will identify the high risk items and minimize the risk.
[Compliance with Laws and Regulations]
All employees must adhere to the law prohibiting fraudulent access, personal information protection law, and other laws and industry guidelines on information security.
Familiarize our employees and other staff assigned to our company about the content of this policy and conduct necessary training regularly to maintain an acceptable level of information security awareness.
[Business Continuity Management]
Maintain business continuity by placing measures to minimize business interruptions from fire, breakdowns, and etc.
To verify the compliance of information security, internal audits are carried out regularly and as necessary. In addition to improvements made through this audit, we will review and respond to environmental changes such as changes in information systems and existence of new threats, and implement continuous improvement.
Employees who act in violation of information security regulations shall be subject to disciplinary action etc. as described in the employment regulations.
October 1, 2016