The JVCKENWOOD Group recognizes the importance of the management of confidential information and the protection of personal data processed in our business activities, and we operate our business in compliance with the variety of regulations that govern information management. The group employees perform their day-to-day duties keenly aware of the importance of information management, ensuring that they comply with laws and regulations on information security and personal data protection at all business locations in Japan and other countries. We are also making ongoing efforts to build a stronger information management system by enhancing system security, providing thorough information management training to employees, and reducing the risk of information leaks with an eye to bolstering information security management across the Group. That includes ensuring the security of networkable products in order to prevent falsification or leakage of information as well as malicious third-party attacks that are intended to cause malfunctions (see Product Quality & Safety page for more information). Some of our business sectors (e.g., Public Service Sector) and group companies (e.g., JVCKENWOOD Creative Media Corporation) have obtained the ISO/IEC27001 certification, and we will be recommending other group companies to acquire such certification as needed.
JVCKENWOOD Group’s comprehensive policy on information security
JVCKENWOOD Group Basic Policy on Information Security
Policy on product security for products manufactured/sold by the JVCKENWOOD Group
JVCKENWOOD Group Basic Policy on Product Security
JVCKENWOOD Group’s basic policy on factory security
JVCKENWOOD Group Basic Policy on Factory Security
Policy on JVCKENWOOD Group’s information assets
JVCKENWOOD Group Privacy Policy
The JVCKENWOOD Group is building and reinforcing its information security system in line with its Basic Policy on Information Security by formulating rules on information management, implementing relevant measures, and providing employee training. At the same time, we remain aware of changes in the external environment and threats to our information assets as we build a system that enables us to ensure information security and quickly respond to such changes and threats. The Corporate Information Security Committee chaired by the information security officer meets regularly and assesses information security risks in order to maintain an information security management system, monitor its operation, and implement necessary measures. Specifically, we have consolidated information systems on an integrated server, we conduct drills to counter targeted attacks from external sources, and we maintain a Computer Security Incident Response Team (CSIRT). To ensure product security, we adhere to the Basic Policy on Product Security across the Group, promote Security by Design (SBD), and maintain a Product Security Incident Response Team (PSIRT). We will be monitoring new legislation and social needs as we address this issue company-wide to ensure that our customers can use our products/services with peace of mind. In addition to collecting and analyzing information on information security on an ongoing basis and taking necessary measures, we have a system in place that enables us to respond quickly to incidents, such as information leaks. We have set up a task force consisting of a risk management officer, information security officer, and other personnel as necessary. In this way, we ensure that security incidents are responded to appropriately by minimizing their impact while developing recovery and preventive measures, etc.
We have been working to protect personal data under the JVCKENWOOD Group Personal Data Protection Policy. We have long recognized the importance of protecting the personal data of customers, business partners and employees, but public demands in this regard have recently become even more stringent.
Against this backdrop, the JVCKENWOOD Group is working with related divisions to ensure that personal information of users of our products and services is not used inappropriately, and is implementing safety management measures for personal information in accordance with the Personal Information Protection Law, which was revised in 2022. We had no incident concerning information security in FY2022, and as of August 31, 2023, no information leakage due to unauthorized access has been confirmed. We will ensure that all employees strictly adhere to the management system for handling personal information.
The JVCKENWOOD Group regularly conducts information security training for our employees in Japan. This training is implemented as simulation for targeted e-mail attacks and as programs for general employees, PC advisors, and new employees, respectively. In FY2022, the relevant items were covered in tier-specific training, with more than 92.2% of participation rate for general employees.
Also, various types of information security training have been implemented, and in FY2022 special training was provided to employees in Japan who opened suspicious emails. The participation rate was 100%, excluding those who were physically unable to attend.
In promoting our initiatives, we set the following KPIs (Key Performance Indicators) and manage their progress.
Theme | KPI | |||
---|---|---|---|---|
FY2023 | FY2025 | FY2030 | ||
IT security training attendance rate | Domestic | 94% or more |
95% or more |
96% or more |
overseas | - |
50 % or more |
75% or more |
|
Targeted email training (attendance rate for training for email openers) |
Domestic |
94% or more |
95 % or more |
96% or more |
The JVCKENWOOD Group participates in the Personal Data Protection Committee under the auspices of JEITA (Japan Electronics and Information Technology Industries Association). This committee exchanges views with opinion leaders and makes recommendations to government agencies with the aim of creating a business environment that promotes the creation of new businesses and services and the revitalization of existing industries from the viewpoint of protecting personal information and giving consideration to privacy in Japan and overseas.
For more details, please refer to Personal Data Protection Committee (Japanese only)