Information security basic policy

Thelemaassist Co., Ltd. (hereinafter referred to as “the Company”) is listed as the company philosophy “in order to realize the customer’s will in the best possible way, we will maximize our skills and provide IT services that satisfy our customers. In order to realize this philosophy, we are striving based in the principle of “our satisfaction” every say by improving our skills “thinking deeply about issues and problems and cultivating insights” throughout “learning the latest technology, project management, daily system operation”. We declare that we will respond to the high trust of our customers by establishing, implementing and maintaining the basic information security policy (hereinafter referred to as “this basic policy”) for the information assets that support our business foundation.
1. Basic statement
We achieve our business objectives by formulating and implementing appropriate control measures to maintain confidentiality, integrity and availability as protecting all information related to our business activities.
We comply with information security laws, regulations, other norms, and contractual security obligations.
3.Risk assessment
We formulate appropriate risk assessment methods and implement risk management according to the level of each information asset.
4.Employee responsibilities and obligations
We will raise awareness of information security, thoroughly inform of the appropriate use of information assets, and regularly provide education and training necessary for all employees engaged in our business. Employees are those who are directly or indirectly engaged in business within the Company and who have access to the information assets of the Company (executives, employees, part-time workers, contract employees, partner company employees, etc).
5.Emergency response
We will ensure business continuity by minimizing business interruptions due to emergencies such as disasters and serious accidents.
Our employees will act in accordance with this Basic Policy. Violations will be subject to punishment based on employee work rules.
7. Internal audit
We regularly audit our information security compliance status and realize continuous improvement.
8.Personal information protection
Personal information will be managed in accordance with legal requirements when relevant legal requirements are applied.
9.Management Review
Our management will review this basic policy on a regular or when necessary. In addition, if necessary, we will review or review the rules and procedure manual when we change the basic policy.

June 26, 2015 3rd Edition
Keiichi Kubota, CEO of Thelemaassist Co., Ltd.