Information security

Information security promotion system

Recognizing the importance of information security management, in order to ensure that information management is conducted appropriately, we have established internal structures, provided employees with information and education on rules and regulations, and conduct inspections and so on in compliance with the All Toyota Security Guidelines (ATSG)

The Risk Management Department conducts security inspections to ensure that there are no issues with external email, that employees do not carelessly take internal information outside the office, or that USB memory, cameras, and other devices are handled properly. Along with enhanced checking functionality in the system, we are further enhancing our confidentiality management structure to also provide advice from experts.

We have applied the ATSGs at all Group companies, and are enhancing information security across the entire Aichi Steel Group.

Information security promotion system

Management system and roles of each department

Information security guidelines

We, for security controls and to prevent leakages of personal information, have established rules regarding the procedures for handling documents and data, sending and receipt of email, and management standards and procedures for computers and peripheral devices.

Examples of rules:

  • Document control rules
  • Information security control rules
  • Information disclosure rules
  • Private information protection rules, etc.

We carefully handle and strictly control any information held by the Company or by any Group company, and any information obtained from our customers, suppliers or employees, etc., in accordance with our internal rules.

Definition of Confidential Information
All information, products, and facilities, regardless of form, that would disadvantage the Company if disclosed or leaked, or that would benefit a third party, and that have been designated as subject to restrictions on disclosure by the confidentiality management supervisor specified under the information security system. Confidential information regarding other companies obtained through proper means is also included.

Information security awareness and education

Through our CSR meetings, management receives updates on current Group information security management levels, as well as issues and ongoing efforts, ensuring a common awareness of information security as a management issue. For employees, a check is conducted using an "information security checklist" for every employee using a personal computer in their day-to-day work, regarding handling of information devices and various related rules. Based on those results, staff responsible for education in each department, along with department heads, provide individual instruction.

We also present public incidents of information leaks in a news format, and issue company-wide alerts when a computer virus or another malicious program is discovered in the Company, in order to raise awareness of security controls.

Number of times security
training held