PT. MITSUI-SOKO INDONESIA
We are keenly aware of the fact that the confidential information we retain and that we receive from clients, as well as personal information, are assets requiring protection. To that end, we have created an information security management system and employ and continuously refine the measures below in order to maintain the system in working order.
- Created and operating an information security management system
In order to ensure that all personnel (including but not limited to temporary, part-time, and dispatched personnel) using information assets understand our Information Security Policy and strictly comply with it, we establish an information security management system and a system to implement organizational design and risk management to ensure the maintenance of said system.
- Created core system of security measures
We have created the Information Security Management System Guidelines, which contain core standards and requirements applicable to the compliance with our Information Security Policy.
- Strict compliance with other applicable laws
We strictly comply with our legal and contractual duties per applicable laws, statutes, regulations, and contracts, and create voluntary standards of compliance as needed in order to maintain and manage security. We also take measures to ensure that third party contractors with whom we contract also strictly comply with our Information Security Policy and Information Security Management System Guidelines. We establish a set of Personal Information Protection Regulations and take appropriate measures for the safeguarding of personal information.
- Creation of work promotion team and infrastructure
We assign a chief information security officer (CISO) and maintain an information security management team and workflow, with a clear delineation of roles.
- Training personnel
In order to ensure greater awareness among our personnel of our Information Security Policy and Information Security Management System Guidelines, and the increased application thereof, we create information security training plans and implement them accordingly.