ASCA Corporation (“ASCA”) recognizes as its social responsibility the task of ensuring information security in view of its business specialism in handling diverse information including information relating to documentation services in the medical and biotechnology domains of our clients’ operations. ASCA regards information security as an important and ongoing task and as such, ASCA shall adopt the Information Security Policy set down below under our executive management approval, and accordingly shall implement all actions necessary to ensure information security.
ASCA shall engage appropriately in information security management and protection of information assets. ASCA shall prevent information security breaches such as leaks, falsification and theft. The purpose of ASCA’s information security management is to build a partnership of trust with our clients, partners and the public at large.
ASCA shall apply its Information Security Policy to all the information assets it owns and to all its employees.
- ASCA shall ensure and maintain the confidentiality, integrity and availability of the information assets it owns.
- ASCA shall strictly comply with the requirements of legislation and regulations concerning information security.
- ASCA shall strictly comply with security requirements as agreed in the contracts we sign.
- ASCA shall protect information assets chiefly comprising customer information and shall regularly update the protection so that if any major damage or accident should occur, it will be in a position to swiftly resume business activities.
- ASCA shall regularly administer education and training on information security towards its directors and all employees.
- ASCA shall firmly establish and maintain its information security management system by adopting criteria that evaluate information security risks and engaging in appropriate risk management.
4. Information Management System
ASCA shall be proactive in information security management by setting up a security committee to implement information security measures, making an accurate assessment of ASCA's information security status and ensuring that any necessary action can be taken speedily.
5. Ongoing Improvements
ASCA shall review its Information Security Policy and information security management system on a continuous basis and make improvements, in line with the changes that impact on the risks surrounding the information assets that ASCA handles.
First Adopted: June 21, 2013
Revised: June 1, 2022