Information Security Policy

AMITA HOLDINGS CO., LTD. (hereafter, "AMITA"), complying with the following Information Security Policy, constantly pursues optimal measures to offer robust protection of information assets, and continually endeavours to obtain improvements in information security.

1. The building of an information security management structure

AMITA strives to protect information assets stored in-house, observing all laws, regulations and other rules pertaining to information security, and seeking to build an information security management structure that earns the trust of society.

2. Provision of in-house rules on information security

AMITA develops in-house rules based on this Information Security Policy, presenting a clear policy on the handling of information assets in general, as well as keeping people inside and outside the company well informed about AMITA's tough stance on information leaks and other related matters.

3. Realization of a system offering information security

AMITA builds and operates an information system that protects information assets against intentional or accidental unauthorized access, leaks, falsification, loss, destruction or other obstacles to use.

4. Implementation of information security education

AMITA arranges periodic information security education opportunities for corporate officers and all employees, and shall continue to provide education and training that enables employees to execute their everyday duties with a strong interest in, and understanding of, information security.

5. Robust system for administering subcontractors

When exchanging a contract with any subcontractor, the credentials of the subcontractor are thoroughly checked, and the subcontractor is requested to maintain a security level equivalent to, or stricter than, the level pursued at AMITA.

6. Strong audit structure

AMITA conducts in-house audits to determine compliance with the Information Security Policy and associated rules. In the pursuit of appropriate information management, the strict observance of every form of regulation pertaining to information security management is periodically checked and evaluated, and information security management measures are reviewed for propriety.

7. Scope of Information Security Policy

The "information assets" covered by this Information Security Policy refer to information that is obtained or comes to be known in the ordinary course of AMITA's business, as well as all the administrative information held by AMITA. As AMITA's "corporate officers and all employees" are engaged in handling and administering these information assets, they are required to comply with the Information Security Policy.