- KDDI HOME
- Corporate Information
- About KDDI
- Released Information
- Security Policy
Security Policy
KDDI, having a mission to provide telecommunication services in a safe and stable manner, shall strive to earn the trust of its customers and related parties by handling of customer information and confidential corporate information securely as well as consistently taking appropriate precautionary measures against information leak risks. For this purpose, KDDI releases this "Security Policy" both internally and externally, and declares its intent to comply with this policy and the "Privacy Policy" (see separate document).
1. Purpose
This Security Policy (hereafter referred to as "this policy") defines the basic policy related to information security, in order for KDDI Corporation (hereafter referred to as "KDDI") to affirm the proper management of information as an important management issue and to ensure information security.
2. Release of Security Policy and Other Information
KDDI, having a mission to provide telecommunication services in a safe and stable manner, shall strive to earn the trust of its customers and related parties by handling of customer information and confidential corporate information securely as well as consistently taking appropriate precautionary measures against information leak risks. For this porpose, KDDI releases this policy both internally and externally, and declares its intent to comply with this policy and the Privacy Policy (see separate document).
3. Scope of Application
All KDDI employees, executives, and temporary personnel shall comply with this policy and the Privacy Policy (see separate document).
4. Information Security Management System
In order to protect and appropriately manage all of its information assets, KDDI shall regularly hold meetings of its Information Security Committee, which is comprised of top executives, and shall maintain a system that monitors the state of information security management at a company-wide level and allows prompt implementation of any security measures deemed necessary by risk analysis.
5. Implementation of Information Security Measures
KDDI shall establish an appropriate information security system and implement physical, technological, operational, administrative, and human measures to prevent incidents involving information assets, such as unauthorized access, data destruction, information leaks, and falsification. KDDI shall also implement incident response measures that, in the event of an information security breach, provide a quick recovery and solution to problems and maintain the high reliability and continuity of KDDI's telecommunications business operations.
6. Establishment of Internal Regulations on Information Security
KDDI shall establish internal regulations based on this policy and the Privacy Policy (see separate document) and thoroughly familiarize employees with the company´s clearly defined policies and rules in order to appropriately manage its information assets.
7. Implementation of Information Security Education
KDDI shall make efforts to improve the information security literacy of all employees and related parties, and shall continuously implement information security education and training to ensure the appropriate management of KDDI´s information assets.
8. Implementation of Proper Management of Contractors
When operations are contracted in full or in part to outside companies, KDDI shall thoroughly screen the contractors to ensure competence and shall require, by contract and other means, that they maintain a level of security matching that of KDDI. In addition, to verify that this level of security is maintained, KDDI shall regularly audit contractors and review the management system.
9. Compliance with Laws and Regulations
KDDI shall endeavor to comply fully with all applicable laws and regulations, as well as rules and regulations defined by the company, and shall make every effort to appropriately manage information by severely punishing any violations.
10. Internal Auditing of Information Security
KDDI shall conduct regular and irregular internal information security audits to confirm that business operations comply with information security laws and regulations, as well as rules and regulations defined by the company, and to verify the effective functioning of the information security system.
11. Implementation of Continuous Improvement
KDDI will continuously implement improvements to information security by building and utilizing its information security management system (ISMS) on a company-wide level.
- Released Information
- Security Portal
- Security Policy
- Privacy Portal
- KDDI's Privacy Policy
- AI R&D and Utilization Principles for KDDI Group
- About Universal Service Fund System
- About Telephone Relay Service Fund System
- KDDI Group Sustainable and Responsible Procurement Policy
- Information of connectivity verification with the KDDI network
About KDDI
- President's Message
- Corporate Profile
- The KDDI Group Philosophy
- Brand Message
- History
- Released Information
- Security Portal
- Security Policy
- Privacy Portal
- Privacy Policy
- AI R&D and Utilization Principles for KDDI Group
- About Universal Service Fund System
- About Telephone Relay Service Fund System
- KDDI Group Sustainable and Responsible Procurement Policy
- Information of connectivity verification with the KDDI network
- Organization Chart
- Recommended Contents
-