Home > Security Policy

Central Nippon Highway Engineering Tokyo Company Limited strongly recognizes that the information assets in its possession are constantly under threat from various sources. To ensure the security of personal data and all other important information assets, and to further reinforce trust with its customers and society as a whole by actively disclosing information, the Company has defined the following Information Security Policy and implements companywide information security measures accordingly.

(Definition)
The term “information assets” refers to information handled by the Company in the course of its business activities and all systems required in order to handle the relevant information.
(Scope)
This policy is applicable to all persons who come into contact with information assets in the possession of the Company, including employees working for affiliated companies and temporary employees as well as the Company’s own officers and employees.
(Operating framework)
The Company will put in place the necessary operating framework to implement information security measures, including formulating information security regulations and appointing an information security officer, and will continually work to maintain and improve information security.
(Measure implementation)
The Company will protect information assets from all threats, including eavesdropping, intrusion, falsification, destruction, theft, and leakage, and will take adequate physical, human, and technical measures to ensure their security. In the event of a threat to the security of information assets, the Company will make every effort to minimize any loss or damage, quickly identify the cause of the threat, and prevent a recurrence.
(Training)
The Company will provide necessary information security training for all persons handling information assets and will continually work to maintain and raise awareness of the need for information security measures.
(Evaluation and reviews)
The Company will regularly evaluate and review its information security regulations and continue to make any necessary improvements.
(Regulatory and legal compliance)
All officers, employees, and other related parties will comply with information security legislation, rules, and regulations, and any other obligations set out in security agreements concluded with the Company’s customers. Information security obligations will also be clearly stipulated in contracts concluded between the Company and outside contractors.
(Management liability)
Directors will take responsibility for ensuring the security of information assets and implement information security measures by themselves as role models.
(Disclosure)
The Company will inform all persons handling information assets of this policy and make details of this policy available to the public.
To top of page