This Security Policy (hereafter referred to as "this policy") defines the basic policy related to information security, in order for KDDI Corporation (hereafter referred to as "KDDI") to affirm the proper management of information as an important management issue and to ensure information security.
2. Release of Security Policy and Other Information
3. Scope of Application
4. Information Security Management System
In order to protect and appropriately manage all of its information assets, KDDI shall regularly hold meetings of its Information Security Committee, which is comprised of top executives, and shall maintain a system that monitors the state of information security management at a company-wide level and allows prompt implementation of any security measures deemed necessary by risk analysis.
5. Implementation of Information Security Measures
KDDI shall establish an appropriate information security system and implement physical, technological, operational, administrative, and human measures to prevent incidents involving information assets, such as unauthorized access, data destruction, information leaks, and falsification. KDDI shall also implement incident response measures that, in the event of an information security breach, provide a quick recovery and solution to problems and maintain the high reliability and continuity of KDDI's telecommunications business operations.
6. Establishment of Internal Regulations on Information Security
7. Implementation of Information Security Education
KDDI shall make efforts to improve the information security literacy of all employees and related parties, and shall continuously implement information security education and training to ensure the appropriate management of KDDI´s information assets.
8. Implementation of Proper Management of Contractors
When operations are contracted in full or in part to outside companies, KDDI shall thoroughly screen the contractors to ensure competence and shall require, by contract and other means, that they maintain a level of security matching that of KDDI. In addition, to verify that this level of security is maintained, KDDI shall regularly audit contractors and review the management system.
9. Compliance with Laws and Regulations
KDDI shall endeavor to comply fully with all applicable laws and regulations, as well as rules and regulations defined by the company, and shall make every effort to appropriately manage information by severely punishing any violations.
10. Internal Auditing of Information Security
KDDI shall conduct regular and irregular internal information security audits to confirm that business operations comply with information security laws and regulations, as well as rules and regulations defined by the company, and to verify the effective functioning of the information security system.
11. Implementation of Continuous Improvement
KDDI will continuously implement improvements to information security by building and utilizing its information security management system (ISMS) on a company-wide level.
- Released Information
- Security Portal
- Security Policy
- AI R&D and Utilization Principles for KDDI Group
- About Universal Service Fund System
- About Telephone Relay Service Fund System
- KDDI Group Sustainable and Responsible Procurement Policy
- Information of connectivity verification with the KDDI network
- President's Message
- Corporate Profile
- The KDDI Group Philosophy
- Brand Message
- Released Information
- Organization Chart