Governance

Information Security

The Nissui Group retains the personal information of customers in its mail-order/e-commerce business, etc. It is not only our corporate responsibility but also indispensable for the sustained growth of the Nissui Group to prevent the leakage/loss of such personal information and important information on management, business, research, etc. Having established the "Information Security Subcommittee" under the Risk Management Committee, we are executing information security management in a thoroughgoing manner by putting regulations and rules in place, including the "Basic Policy on Information Security," enhancing the system administration framework and periodically conducting education and training for employees.

system, 日本水産株式会社 CSR部CSR課, 外部協力者, 日本水産株式会社 広報課, 日本水産株式会社 人事部人事課

Basic Policy on Information Security

system, 日本水産株式会社 CSR部CSR課, 外部協力者, 日本水産株式会社 広報課, 日本水産株式会社 人事部人事課

Privacy & Policy

system, 日本水産株式会社 CSR部CSR課, 外部協力者, 日本水産株式会社 広報課, 日本水産株式会社 人事部人事課

Promotion Framework - The Information Security Subcommittee

The Information Security Subcommittee, which is aimed at enhancing the information security level of Nissui and its Group companies in Japan, is convened four times a year. The Subcommittee is chaired by an Executive Officer designated by the President & CEO and its members consist of the Executive Officer (in charge of risk management) and the respective heads of departments centering on the Corporate Administration Group. Its main activities involve the formulation and progress management of various measures to make the Basic Policy on Information Security function effectively, as well as the execution of procedures to deal with information security risks that have newly arisen.

The Risk Management Committee

system, 日本水産株式会社 CSR部CSR課, 外部協力者, 日本水産株式会社 広報課, 日本水産株式会社 人事部人事課

Initiatives to Enhance Information Security

Initiatives Targeted at Nippon Suisan Kaisha, Ltd. (Nissui)

With respect to all employees, we make the information security rules widely known and conduct information security education and training at least once a year. Also, a security audit is conducted periodically—i.e., once a year—at business locations where important information is retained.

Category of Initiatives Description of Initiatives Coverage Frequency
Education Implement learning and tests in e-learning format All employees of Nippon Suisan Kaisha, Ltd. (Nissui) At least once a year
Education Hold a pseudo-attack email drill Same as above At least once a year
Audit Conduct a security audit at business locations where important information is retained Business locations where customers' personal information, research information, etc. is retained Once a year

Initiatives Targeted at Group Companies in Japan

Standards to be achieved had been set in three fields—i.e., policy formulation, technical measures and personnel measures—for the purpose of evening out the security level across the Group in Japan, and 26 out of 37 Group companies in Japan achieved these standards as of March 31, 2021.

Conference of IT Divisions of the Nissui Group in Japan

For the purpose of deliberating the direction of promoting the adoption of information technology (IT) in the Group in the medium- to long-term, a conference targeted at the respective persons in charge of IT divisions in the Group is held each year. At the conference, participants exchange opinions on IT in general, including such topics as information security measures, utilization of cutting-edge technologies, and consideration of system adoption. In terms of information security, participants share the latest trends in threats and the status of information security measures taken at each Group company, identify information security issues that should be tackled by the Group in the medium- to long-term and bring their views together with respect to the countermeasures.

Conference of IT Divisions of the Nissui Group in Japan

system, 日本水産株式会社 CSR部CSR課, 外部協力者, 日本水産株式会社 広報課, 日本水産株式会社 人事部人事課