Security Policy

Information Security Policy

This Information Security Policy is established to protect the information assets of Naradewa Inc. (hereinafter referred to as "the Company") and its customers from all internal and external, intentional and accidental threats, and to ensure the stable continuation of business operations.

  1. 1. Information Security Management System

    The Company establishes an information security management system (ISMS) and strives to maintain and improve information security through continuous efforts.

  2. 2. Information Security Committee

    To operate the ISMS, the Company appoints an Information Security Officer and establishes an Information Security Committee to build the necessary organizational structure.

  3. 3. Compliance with Legal and Contractual Requirements

    The Company complies with laws and regulations related to information security, including the Act on the Protection of Personal Information, as well as rules and guidelines established by relevant authorities and industry associations to ensure proper management of information.

  4. 4. Protection of Information Assets

    The Company recognizes the importance of all information assets it possesses in terms of confidentiality, integrity, and availability. It conducts risk assessments and takes appropriate protection measures based on its information security framework.

  5. 5. Establishment of Security Regulations

    The Company formulates security-related rules and regularly inspects its management structure and initiatives to continuously improve and revise them.

  6. 6. Implementation of Countermeasures

    The Company implements appropriate countermeasures based on risk assessments to protect all information assets entrusted by customers and used internally as business resources from threats such as negligence, accidents, disasters, and crimes. In the event of a security incident, we investigate the cause, take immediate action to minimize damage, and work to prevent recurrence.

  7. 7. Education and Training

    The Company provides ongoing education and training to all employees to enhance information security literacy and ensure proper management of the Company’s information assets.

  8. 8. Continuous Improvement

    The Company regularly evaluates and reviews these efforts to continuously improve its information security management practices.

First Edition: July 1, 2018