Ensuring Information Security
Ensuring Information Security
Policy
In today’s world, where the convenience of digitalization has also brought with it the great risk of losing trust due to information leaks, the financial impact of information security on our business is significant and must be a point of focus. We position information security as one of our important management strategies and ensure information security by establishing an information security system, educating our employees, and appropriately managing our information assets. Two information security incidents* occurred in fiscal 2024, which did not cause any inconvenience to customers, but we are working to strengthen the management of information assets by implementing individual preventive measures and providing training on countermeasures.
We believe that it is important to work together as a company for everything we do. Our such efforts will be centrally managed and improved to a high standard by adopting initiatives in line with the Panasonic Group’s management systems as a reference. In addition, we will build systems and rules optimized for the Company by drawing on the collective wisdom of our employees, thereby protecting the information of our customers around the world and everyone involved in our business. To work toward fulfilling our Mission of “achieving a society in which the pursuit of happiness and a sustainable environment are harmonized free of conflict,” we aim to ensure customer satisfaction and trust by having zero information security incidents.
* : Refers to the following incidents that threaten the safety of information held and managed by the Panasonic Group, including trade secrets, personal information, customer information, etc. (including information of other parties).
- Information leaks or suspected leaks outside of the Company
- Unauthorized access or suspected unauthorized access to the Company’s information from inside or outside the Company
- Destruction or falsification
Policy
In today’s world, where the convenience of digitalization has also brought with it the great risk of losing trust due to information leaks, the financial impact of information security on our business is significant and must be a point of focus. We position information security as one of our important management strategies and ensure information security by establishing an information security system, educating our employees, and appropriately managing our information assets. Two information security incidents* occurred in fiscal 2024, which did not cause any inconvenience to customers, but we are working to strengthen the management of information assets by implementing individual preventive measures and providing training on countermeasures.
We believe that it is important to work together as a company for everything we do. Our such efforts will be centrally managed and improved to a high standard by adopting initiatives in line with the Panasonic Group’s management systems as a reference. In addition, we will build systems and rules optimized for the Company by drawing on the collective wisdom of our employees, thereby protecting the information of our customers around the world and everyone involved in our business. To work toward fulfilling our Mission of “achieving a society in which the pursuit of happiness and a sustainable environment are harmonized free of conflict,” we aim to ensure customer satisfaction and trust by having zero information security incidents.
* : Refers to the following incidents that threaten the safety of information held and managed by the Panasonic Group, including trade secrets, personal information, customer information, etc. (including information of other parties).
- Information leaks or suspected leaks outside of the Company
- Unauthorized access or suspected unauthorized access to the Company’s information from inside or outside the Company
- Destruction or falsification
Information security system
The Chief Information Security Officer (CISO) is the officer in charge of information security and personal information protection, directly reporting to the President. The promotion system is designed to enable the Information Security Promotion Office, appointed by the CISO, to interact with the workplace to gather knowledge and engage in initiatives.
Information security system
The Chief Information Security Officer (CISO) is the officer in charge of information security and personal information protection, directly reporting to the President. The promotion system is designed to enable the Information Security Promotion Office, appointed by the CISO, to interact with the workplace to gather knowledge and engage in initiatives.
Details of initiatives
Management of information assets
The department that created information or the person in charge of the department that received information from other parties, establishes the confidentiality, scope of disclosure, and handling of the information as the owner of the information, and protects the information appropriately. Information disclosed by and received from other parties under a confidentiality agreement will be managed as confidential information in accordance with the provisions of the Panasonic Group Global ISM (Information Security Management) Regulations and related rules. Departments that hold information will conduct periodic inventory checks to identify the confidential information and check its management status, thereby proving that the confidential information is properly managed in the Company.
Education and training
The Information Security Promotion Office regularly plans and implements education and training to prevent information leaks. Specific initiatives include e-learning using the Panasonic Group’s training systems and targeted attack e-mail drills. In our rank-based training, we also bring in outside instructors to train management and organizational leaders. Through these initiatives, we are working to thoroughly enforce our information security rules and raise employee awareness.
Audit and ISO27001 certification
The Information Security Promotion Office conducts internal audits in accordance with the Panasonic Group Information Security Audit Guidelines to confirm the implementation status of information security management measures in each department. When deficiencies are discovered, we provide instructions for improvement and monitor the situation. Acquisition or continuation of ISO27001 certification is determined by each business site based on the nature of its business, customer requirements, etc., and we annually review those business sites that must acquire or maintain the certification.
Compliance with laws and regulations, protection of personal information
We comply with laws, regulations, and other norms related to information security. In recent years, personal information protection laws have been enacted and enforced in many countries, and we believe that protecting personal information is an important matter. We strive to protect privacy by acquiring and managing personal information in accordance with the Panasonic Group’s response manual, as well as by educating our employees.
Details of initiatives
Management of information assets
The department that created information or the person in charge of the department that received information from other parties, establishes the confidentiality, scope of disclosure, and handling of the information as the owner of the information, and protects the information appropriately. Information disclosed by and received from other parties under a confidentiality agreement will be managed as confidential information in accordance with the provisions of the Panasonic Group Global ISM (Information Security Management) Regulations and related rules. Departments that hold information will conduct periodic inventory checks to identify the confidential information and check its management status, thereby proving that the confidential information is properly managed in the Company.
Education and training
The Information Security Promotion Office regularly plans and implements education and training to prevent information leaks. Specific initiatives include e-learning using the Panasonic Group’s training systems and targeted attack e-mail drills. In our rank-based training, we also bring in outside instructors to train management and organizational leaders. Through these initiatives, we are working to thoroughly enforce our information security rules and raise employee awareness.
Audit and ISO27001 certification
The Information Security Promotion Office conducts internal audits in accordance with the Panasonic Group Information Security Audit Guidelines to confirm the implementation status of information security management measures in each department. When deficiencies are discovered, we provide instructions for improvement and monitor the situation. Acquisition or continuation of ISO27001 certification is determined by each business site based on the nature of its business, customer requirements, etc., and we annually review those business sites that must acquire or maintain the certification.
Compliance with laws and regulations, protection of personal information
We comply with laws, regulations, and other norms related to information security. In recent years, personal information protection laws have been enacted and enforced in many countries, and we believe that protecting personal information is an important matter. We strive to protect privacy by acquiring and managing personal information in accordance with the Panasonic Group’s response manual, as well as by educating our employees.
Corporate Governance
Pursuit of Quality and Product Safety
Compliance with Laws and Regulations
Corporate Governance
Pursuit of Quality and Product Safety
Compliance with Laws and Regulations
