VIE Corporation (hereinafter referred to as "VIE") is committed to the social implementation of high-quality neurotechnology and its contribution to well-being, and in order to become a leading BrainTech company in Japan, the information assets we handle in our business, including valuable customer information, are extremely important as the foundation of our management. We are committed to protecting the information assets we handle in our business, including our clients' valuable information, from leakage, damage or loss. We recognize the importance of protecting such information assets from risks such as leakage, damage, and loss, and all employees, including directors and employees, shall comply with this policy and practice activities to maintain information security, including confidentiality, integrity, and availability of information assets.
- 1. To protect information assets, we shall establish an information security policy, conduct our business in accordance with this policy, and comply with laws, regulations, and other rules related to information security, as well as the terms of our contracts with our customers.
- 2. We shall not disclose any information that may exist in relation to our information assets.
We will clarify the criteria for analyzing and assessing the risk of leakage, damage, loss, etc. of information assets, establish a systematic risk assessment method, and conduct regular risk assessments. Based on the results, we will implement necessary and appropriate security measures.
- 3. We will establish an information security system led by a director in charge, and clarify the authority and responsibility for information security. In addition, we will regularly educate, train, and enlighten all employees to ensure that they recognize the importance of information security and handle information assets in an appropriate manner.
- 4. We will regularly inspect and audit the status of compliance with the information security policy and the handling of information assets, and promptly take corrective actions for any deficiencies or improvement items found.
- 5. We will take appropriate measures against the occurrence of information security events and incidents, and in the unlikely event of such incidents, we will establish procedures in advance to minimize damage, and in the event of an emergency, we will respond promptly and take appropriate corrective measures. In addition, we will ensure business continuity by establishing a framework for the management of incidents, especially those that could disrupt business operations, and by regularly responding to, testing, and reviewing our response and restoration procedures.
- 6. We will establish and implement an information security management system that sets goals to realize our basic philosophy, and continuously review and improve it.
Established on April 1, 2023
CEO Yasuhiko Imamura