ESG

Information Security

Development of a Management System

The Company set up the Dentsu Group Basic Policy for Information Security and a very strict information security management system to protect the Group’s important data, as well as personal and other information received from clients. The Company has compiled information management and other rules. Company officers and employees are made aware of these and are expected to comply with them. The Company also provides training for new graduate employees and briefings for employees, distributing videos and pamphlets to raise awareness. Given the importance of managers in information management, the Company has also started a new manager training course to educate managers about their roles and responsibilities.

To enhance information security, a total of 49 Dentsu Group companies, including Dentsu, have obtained certification under ISO/IEC 27001:2005 and JISQ 27001:2006, international standards for information security management systems (ISMSs). Dentsu strives to implement stringent information security management for the entire Dentsu Group, to flexibly respond to the ever-changing and increasingly sophisticated environment of information and communication technology.

Information Security Management System

Dentsu Group Information Security Basic Policy

Group member companies address information security in all business areas, by putting in place policies and procedures to systematically manage sensitive data. They recognize the role of information security management in protecting important information.

  1. Compliance with Laws
    Based on requests from our stakeholders, including clients and business partners, we properly address information security management to ensure compliance with relevant laws and regulations. In particular, personal information is strictly managed.
  2. Strict Information Management
    We will strictly manage information to prevent any leakage, loss, damage or misuse of information, such as confidential client information and personal information. We share such business information only among employees and Group companies with appropriate clearances. In selecting our subcontractors, we take into consideration how they are addressing information security.
  3. Maintaining and Improving Achievement Levels
    We intend to maintain our current security level and improve it through our PDCA cycle activities. We educate all of our employees, from executives down, regarding information security, so that they can acquire the appropriate knowledge and develop the necessary judgment.
  4. Adaptation to Environmental Change
    We will continue to update our information security management system and concomitant rules even as we take a flexible approach to environmental changes in our Group’s business areas, the information assets handled by our Group, and developments in the area of information and communication technology (ICT).

© 2017 DENTSU INC. ALL RIGHTS RESERVED.