Information security policy

About our information security basic policy

We manufacture and sell the precision forged gears and maintaining the importance of the reliability in our business is extremely important to not only to our customers, but also to our society. Our greatest responsibility is to maintain our customer’s information confidentiality with high levels. In addition, all of our employees must recognize that our business of manufacturing and supplying the precision forged gear greatly depends on responding to the trust of our customers and our society. In order to fulfill these responsibilities imposed on our company, we have established our basic information policy and all of the subject persons shall act and behave in accordance with the established policy. We have decided on our policy as below.

1. In order to promote and improve the information security activities, we shall establish the organization that our executive team participates in. In addition to this, we shall determine the roles and the responsibilities for the information management and we shall expend all possible measures to the operation of the information security management system.
2. Our employees shall comply with the information security policy and related laws and regulations and contractual obligations and shall act responsibly.
3. We shall set the criteria for assessing risks and identify the risks to the information assets, and then implement the risk response plans.
4. We shall protect the information processing facilities and related facilities strictly from accidents, disasters and the external interference in order to protect the information entrusted to us by our customers and to continue our business.
5. The information management system shall be reviewed periodically and shall be evaluated its effectiveness and make improvements as necessary. Furthermore, in order to clarify that it is in accordance with the established rules and regulations, internal audits shall be conducted periodically.
6. Emergency measures shall be established in the event of accidents or disasters and we shall take such measures to ensure the continuation of our business operations without delays.
7. Education and training on the basic policy, relevant standards and procedures for information security shall be provided to all employees and others involved in the applicable scope of information assets in order to ensure that they have the necessary competence for their work.

22nd December, 2021
O-OKA Corporation
Yoshinori Ooka, President