Roland DG utilizes digital data in a wide range of applications including sales support and company-wide management. There have been an increasing number of problems in recent years involving the leakage of information due to cyber-attacks or security breaches such as the transmission of targeted emails. Roland DG has defined rules and is developing a system for information security to ensure appropriate protection of information related to customers and suppliers as well as company business with the aim of maintaining smooth business operations.
Global Information Security Policy
The Global Information Security Policy has been defined as the guiding principles for information security throughout the Roland DG Group. This policy sets out compliance rules that form the core of information security measures for the Roland DG Group, and is designed to maintain and protect the confidentiality, integrity and availability of information resources including personal information. This serves to prevent business losses of the Roland DG Group and erosion of social credibility, and provides an environment where employees are able to perform their duties with peace of mind.
Establishing and Implementing Internal Regulations
Roland DG has established "Information Management Regulations," "Information Systems Management Regulations/Global Information Security Management Regulations" and "Information Equipment Security Regulations" in line with the Global Information Security Policy. Information Management Regulations outlines definitions for the information being handled, including confidential information, internal information and business information, and sets forth rules on their disclosure, inspection, distribution, reproduction, storage, disposal, and other methods of handling the information. Rules also cover how to respond to incidents like information leakage as well as auditing and inspection methods, review methods for handling information, and internal education and guidance. Information Systems Management Regulations outlines rules for handling information equipment and systems, as well as rules for their proactive "utilization" to achieve management goals in addition to their "protection."
Information Security Management System
The RULES FOR INFORMATION MANAGEMENT appoint the President and Representative Director as the Chief Information Officer, and the Director in charge as the Information Management Officer. A system has been established where the department in charge of information management is the principle, and the related departments provides support for the principle.
Organizing Ongoing Inspections and Training
Once every year, Roland DG conducts inspections of information it handles. Training for information management is also organized regularly to provide guidance on information management to ensure that each and every employee has a thorough understanding of the basic principles of information security.
Compliance with Laws Regarding Personal Information Protection
Roland DG ensures compliance with the General Data Protection Regulation (GDPR) of the EU. Compliance is progressing with the coordination of local law firms and sales subsidiaries. The Company also complies with the Protection of Personal Information Act of Japan.