Information Security
Policies
The NISSIN FOODS Group endeavors to manage and utilize a variety of information assets having defined a Basic Policy on Information Security that aims for safe and proper management of the information and information systems required to conduct business.
Regarding the management of personal information, the Group has established a Privacy Policy. All employees recognize that customers’ personal information is important information that must be properly managed with care. The Group does manage the personal information of customers properly and with care in addition to its compliance with laws and regulations, and guidelines issued by the concerned authorities relating to personal information.
Structure
Implementation Structure
The NISSIN FOODS Group has set up an Information Security Committee to advance information security measures across the entire Group. The committee bears comprehensive responsibility for the handling of information assets and management of information systems with the person responsible for execution, the chief information officer (CIO), formulating information security strategy and implementing measures. As secretariat, the Information Security Committee Office comprises employees from NISSIN FOODS HOLDINGS’ IT Planning, Group IT Governance, General Affairs, Corporate Communications, Finance and Accounting, Human Resources, and Legal divisions. Liaising with information security officers assigned to each division, the committee manages security for each Group company.
In the event of an accident or emergency relating to information security occurring at a Group company in Japan or overseas, information is immediately shared with the chief operating officer (COO), as chairperson of the Information Security Committee, and senior management, and work begins on finding a solution in accordance with defined procedures. In addition, various policies and measures relating to information security-related risks and countermeasures are discussed and finalized as required by the Board of Directors, which then issues instructions.
International standard ISO 27001 for information security management systems (ISMS) and the Cybersecurity Management Guidelines established by the Ministry of Economy, Trade and Industry were referenced in the building of an information security management structure. Employees registered as information security specialists—a national qualification relating to information security—strive to strengthen information security internally. Additionally, the Cybersecurity Strategy Office aims to strengthen security against cyberattacks by working to detect infiltration of networks and servers and undertaking other measures, such as employee education and awareness-raising and security risk assessments.
Initiatives
Information Security Education and Awareness-raising
The NISSIN FOODS Group regularly implements education programs, such as e-learning-based knowledge checks and security drills, to heighten security awareness in individual employees, prevent company losses, and retain society’s trust.
In addition, the latest information on information security is thoroughly communicated internally as effort is made to expand employees’ knowledge of the topic and raise the level of awareness.
- Main Information Security Education for FY2023
-
- ・Information security knowledge checks (e-learning or questionnaire format)
Coverage: Employees of Group companies in Japan (excluding KOIKE-YA) - ・Targeted email attack drill
Coverage: Employees of Group companies in Japan (excluding BONCHI, KOIKE-YA, AJINIHON, and UJI KAIHATSU DEVELOPMENT) - ・New employee training and new manager training
Coverage: Employees of NISSIN FOOD PRODUCTS (including employees on temporary assignment to companies such as NISSIN FOODS HOLDINGS, NISSIN CHILLED FOODS, and NISSIN FROZEN FOODS)
- ・Information security knowledge checks (e-learning or questionnaire format)
Security Assessment
To strengthen the security monitoring structure, internal infrastructure and e-commerce websites operated by the NISSIN FOODS Group are subjected to third-party vulnerability assessments.
Related Information and Data
Number of Cases of Customer Information Leaks
Fiscal 2023: 0
Coverage: Group companies in Japan and overseas