Security Policy

ASCA Corporation (“ASCA”) recognizes that it has a social responsibility to ensure information security in consideration of the characteristics of its businesses that handle various types of information, including our customers’ information relating to documentation services in the life sciences field, and pursues this responsibility as an important, ongoing issue. Accordingly, ASCA has established the “Information Security Policy” detailed below and implements information security measures in compliance with that policy.

1. Purpose

ASCA shall engage appropriately in information security management and protection of information assets. ASCA shall prevent information security breaches such as leaks, falsification and theft. The purpose of ASCA’s information security management is to build a partnership of trust with our clients, partners and the public at large.

2. Scope

ASCA shall apply its Information Security Policy to all the information assets it owns and to all its employees.

3. Actions

  1. ASCA shall ensure and maintain the confidentiality, integrity and availability of the information assets it owns.
  2. ASCA shall strictly comply with the requirements of legislation and regulations concerning information security.
  3. ASCA shall strictly comply with security requirements as agreed in the contracts we sign.
  4. ASCA shall protect information assets chiefly comprising customer information and shall regularly update the protection so that if any major damage or accident should occur, it will be in a position to swiftly resume business activities.
  5. ASCA shall provide regular education and training on information security to all employees, including executive officers.
  6. ASCA shall firmly establish and maintain its information security management system by adopting criteria that evaluate information security risks and engaging in appropriate risk management.

4. Information Management System

ASCA shall be proactive in information security management by setting up a security committee to implement information security measures, making an accurate assessment of ASCA's information security status and ensuring that any necessary action can be taken speedily.

5. Ongoing Improvements

ASCA shall review its Information Security Policy and information security management system on a continuous basis and make improvements, in line with the changes that impact on the risks surrounding the information assets that ASCA handles.

First Adopted: June 21, 2013
Revised: July 1, 2023

Eiko Ishioka
President
ASCA Corporation