Information Security Basic Policy
The corporate philosophy of PT TOYOTA TSUSHO SYSTEMS INDONESIA is to "live and prosper with people, society, and the planet and make a difference to society through our ICT* business". Guided by this philosophy, we act as a team of professionals to provide the services and solutions that customers need, and thereby contribute to the success of their businesses.
In providing services and solutions that satisfy customers, the company is deeply aware of its social responsibility to protect information assets from all threats. Our goal is to be a business production company that is deemed necessary by customers and society as a dignified existence, contributing to society through value creation in the ICT field. In order to achieve this goal, we have enacted the following Information Security Basic Policy.
The company hereby asserts that it will adhere to this policy in promoting initiatives to ensure information security. *ICT: Information and Communication Technology
- 1.In order to perform business in accordance with information security-related procedures, we will comply with all laws and ordinances, national guidelines, contractual obligations, and other social norms.
- 2.The company will secure and maintain the confidentiality, integrity, and usability of information assets we hold, including but not limited to the information entrusted to us by customers and business partners. We will take appropriate measures to manage and protect the information from all threats.
- 3.The company will take reasonable information security measures and continuously maintain them in order to prevent and rapidly respond to not only cybersecurity threats such as leakage, falsification, loss, obstruction of use, and unauthorized use of information assets, but also accidents such as losses caused by intentional and accidental operation, as well as preparing for uncertain threats.
- 4.The company will establish a management system for information security, build an appropriate administrative system for information assets, provide comprehensive information about these systems to all persons in the company who handle information assets, including executives and employees, and ensure the continuity of and make improvements to these systems.
- 5.The company shall provide comprehensive information about the necessity of information security and rules to be observed to executives and employees by establishing company regulations and also by carrying out education and training activities. As well, the state of education and training activities shall be checked and confirmed, and information security training will continue to be carried out and improved.
Promulgated: June 1, 2019
PT TOYOTA TSUSHO SYSTEMS INDONESIA