E_KDDI-AR2009

- カテゴリ: バーチャル提案
- 作成日: 2009/07/24 21:23:25
- 要約:

- ページ: 59
- Information Security
KDDI has established an Information Security Committee composed of management-level employees, along with the heads of the sales, technology and corporate administrative divisions. This committee is part of a structure that carefully recognizes the status of information security controls for the entire company, and when necessary readily implements group-wide measures to enhance information security (see chart). Security Management Structure
Management Level
system renovations and additional tools that help prevent human error, and human countermeasures such as e-learning sessions using actual security violation examples. KDDI also continued efforts from the previous fiscal year to ensure information security for commercial telecommunications equipment from the design and development stage. In addition, to meet the goal of acquiring company-wide Information Security Management System (ISMS*) certification for enhanced security management, the Company started acquiring certification and continued its effort to add divisions certified, and achieved the goal of Company-wide ISMS certification for all divisions in April 2009. Moving forward, KDDI plans to actively utilize the companywide ISMS framework to evaluate the status and effectiveness of
Information Security Committee
Division/ Regional Office
Persons in charge of information security (General Managers)
Persons in charge of information security (General Managers)
Persons in charge of information security (General Managers)
various initiatives, substantially improve information security, and bolster the information security of the entire KDDI Group. ISMS Certification at KDDI
Persons in charge of information security (Department Managers)
Persons in charge of information security promotion
Registration No.
Organization Name
Initial Registration
IS 76406 IS 85329 IS 88665 IS 95253 IS 94986 IS 500630 IS 506507 IS 507482 IS 512595 IS 521724 IS 537749 IS 544901
Shibuya Data Center Information Systems Division Koto Technical Center KDDI Corporation*1 Otemachi Technical Center Network Operations Center Osaka Technical Center Security Operations Center Billing Support Center Service Operations Division FMBC Operations Center KDDI Corporation*2
July 4, 2003 September 28, 2004 December 13, 2004 June 7, 2005 July 11, 2005 April 18, 2006 October 27, 2006 October 27, 2006 March 16, 2007 October 22, 2007 September 30, 2008 April 10, 2009
Department Level
Information security managers
Information security managers
Persons in charge of information security
Persons in charge of information security
Persons in charge of information security
Persons in charge of information security
KDDI strictly manages the private customer information and sensitive corporate data it handles in providing a safe and stable telecommunications service, and continually implements measures to enhance information security from a variety of angles. During FY 2009.3 the Company implemented physical countermeasures such as increasing the number of security gates at building entrances and CCTVs, technical countermeasures such as
*1 Corporate, customer support, engineering, technology, and sales divisions and KDDI KYOSAIKAI, KDDI Health Insurance Union, and KDDI Pension Fund. *2 Operations Sector Engineering Operations Division, Service Operations Division, and Japan Telecommunication Engineering Service.
As an electronic communications operator, the entire KDDI Group works to improve information security so that our customers can feel safe and secure in using our information transmissions services. In order to protect our facilities from outside threats, we conduct round-the-clock monitoring and make repairs as necessary. Moreover, in order to protect the confidentiality of information and keep safe customer information and other important data, we respect and thoroughly implement information handling processes for all employees and contractors throughout the Group.
Yoshiharu Shimatani
Associate Senior Vice President Member of the Board Information Security Committee Chairman
In order to improve information security levels, in April 2009 all internal divisions received ISMS certification. From that base point, we have made ongoing efforts for improvement. Information security activities are not part of a finite campaign. Going forward, with the Information Security Committee at the core, we will continue to dynamically implement the PDCA cycle for necessary measures in order to further enhance information security at KDDI.
KDDI CORPORATION Annual Report 2009
59
- ▲TOP