Information Security Management
Basic Stance for Information Security
The Kawasaki Group provides products to a diverse range of customers, from general consumers and the public sector to the Self-Defense Forces, and promotes numerous information security measures suited precisely to the requirements of each customer sector.
Information Security Management Structure
We established a dedicated framework under the corporate risk management structure to handle information security management for the Group. We promote a management cycle, emphasizing rules, training and technology measures to address information security risks that constantly change with the times, and we systematically implement, maintain and enhance information security measures.
In addition, the Group’s data center has acquired ISO 27001, the international standard for information security management, and strives to uphold a high level of operational reliability.
Information Security Management System
Information Security Measures
The necessary information security management practices have been established as corporate regulations to ensure compliance with prevailing domestic and international laws and in respect of contractual promises to clients and to protect our businesses from external risks.
These corporate regulations comprise Rules for Information Management, as the underlying policy, along with various standards for establishing administrative management guidelines, including the use and implementation/development of information systems.
Education and Training
We run education and training programs on the information security theme for employees of all Group companies.
Education delves into laws and social customs as well as corporate rules and incident examples, and course content is tailored to career level, such as newly hired employees, general employees and executives.
Training programs use simulations, conducted on a regular basis, that help employees learn how to avoid damaging situations, such as cyber attacks and online crime, which could occur in the course of daily business operations.
Information System Security Measures
We have implemented systems to prevent unauthorized access to data from outside as well as information leaks from inside and to stop the spread of computer viruses. We have also introduced systems to check for irregularities, such as illegal activity.
Safeguarding Intellectual Property
To survive amid intense global competition, we must raise corporate value by developing business pursuits that showcase core competence. Toward this end, we rely on intellectual property—a vital management resource— and the key to securing and successfully applying this corporate asset is to undertake activities from a three-point perspective that adds intellectual property to business and R&D as a third component of core competence.
To promote these strategic intellectual property-oriented activities, we maintain a structure whereby the Intellectual Property Department in the Corporate Technology Division drafts corporate measures for implementation and works with other intellectual property management departments in each business segment. This provides support in line with each segment’s business activities.
Invention Reward System
Based on the Patent Law regulation pertaining to inventions by employees, Kawasaki has established a provision in its internal rules regarding inventions by employees to reward the employees at specific milestones, such as the filing of a patent application (application reward), patent registration (registration reward), and practical application (performance-based reward). The Company faithfully adheres to this provision. In addition, the same reward system is applied even when the invention is not made public for strategic reasons. Of note, the performance-based reward is fairly awarded after duly taking into consideration how the Company has benefited from the invention, using an evaluation standard based on comparisons with other companies in the same industry as well as trends in society.
Protecting Personal Information
For the control of personal data, such measures are taken as constructing the security control systems for the personal data possessed by division, and preparing and regularly updating the personal data handling ledger showing the handling of such personal data.
With regard to personal data in its possession, the Company has put in place a structure that ensures a prompt response to individual requests on the use of personal data, such as disclosing it, no longer using it, etc.