SECURITY POLICY
Basic Principles
ROXX, Inc. (hereinafter referred to as “Our Company”) is an internet service company which operates a job distribution platform to connect between companies seeking workers and staff agencies and offers an online reference check service, handling a multitude of information related to personal information.
We have given our first priority to offering safe and efficient services using internet in the human resources industry, which keeps changing increasingly every year, such as a declining workforce or diversification of employment pattern. Accordingly, we deem information assets including personal information and our clients' information that we handle as most important in Our Company's business bases.
Persons dealing with information assets including officers or employees, who acknowledge the importance of protecting information assets from the risk of leakage, damage, destruction, etc., will comply with this Policy and perform activities for maintaining information security such as the confidentiality, integrity and availability of information asset.
Basic Policy
- We will create an information security policy for protecting information assets and perform our business according thereto as well as complying with laws and regulations, restrictions and other standards, and any agreement with our clients.
- We will clarify the criteria for analysis and evaluation of the risk including the leakage, damage, destruction, etc., establish a systematic risk assessment method and perform the risk assessment periodically. Then, we will perform necessary and appropriate security measures based on the results.
- We will establish an information security structure placing charged officers in the center and clarify the authority and responsibility for information security. And we will conduct education, training and awareness-raising periodically for all employees to make them aware of the importance of information security and ensure our appropriate handling of information assets.
- We will take appropriate measures for any occurrence of information security events or incidents and establish the handling procedures to minimize damage as little as possible in the event of the actual occurrence, and upon emergency, handle it immediately and take appropriate corrective action. Regarding any incident which is likely to relate to suspension of business, we will ensure Our Company's business continuity by establishing the management framework and reviewing it periodically.
- We will establish and carry out information security management system aiming at the realization of the Basic Principles, and review and improve it continuously.
ROXX, Inc.
Taro Nakajima, Representative Director and Chief Executive Officer