Free online consultation available. Please feel free to contact us.

Information Security Initiatives

Saison Technology Co., Ltd. (hereinafter referred to as "our company") has a mission of "Connect the world’s data and make it useful for everyone.." As a member of global society, we consider appropriate protection of our customers' and our own information assets, as well as countermeasures against information security risks such as cyber attacks, to be one of our most important management priorities.

Establishment of an information security management system

To ensure information security throughout the entire organization, our company has established a basic information security policy and has established an information security management system headed by the Representative Director. Under the Chief Information Security Officer (CISO), the information security management system establishes rules that organizations and employees must follow, and specific rules and procedures are observed in daily operations. Furthermore, we have organized a CSIRT comprised of members selected from within the company, which works in cooperation with stakeholders and external agencies and organizations to collect and respond to the latest information, as well as actively engage in educational and awareness-raising activities and information disclosure. The audit department is responsible for auditing the effectiveness of these activities.

Information security management activities based on ISO/IEC27001

Our company obtained the international standard for information security management systems (ISO/IEC27001:2022) in 2003. Since then, we have established an ISMS (Information Security Management System) in accordance with the requirements of the ISO/IEC 27001 standard, and we set information security goals at the beginning of each fiscal year and plan and implement activities based on the PDCA model.

ISO/IEC27001:2022 Certification Status

Registration number/registration date JMAQA-S030 (March 14, 2003)
Scope of certification and registration
  1. System development, system maintenance and management, support based on customer requests, and the provision of design and services combining these.
  2. Sales, design and development of packaged software, and provision of related services (technical support, training, implementation support, etc.).
  3. Design, development and implementation of XaaS.
  4. Providing center management services.
Applicable standards JISQ27001:2023 (ISO/IEC27001:2022)
Examination body Japan Management Association General Incorporated Association Examination and Registration Center
Registration expiration date March 13, 2027

CSIRT (Computer Security Incident Response Team) activities

In recent years, cyber attacks have become increasingly sophisticated, making it difficult to completely defend against them. In addition to information security management activities based on the ISO/IEC 27001 standard, we have launched a company-wide CSIRT in the fiscal year ending March 31, 2021. In addition, to further strengthen our response capabilities, we joined the Nippon CSIRT Association in June 2021. From fiscal 2022 onwards, we will continue to strengthen our response capabilities to security incidents by sharing cybersecurity case studies and vulnerability information, and conducting tabletop incident response training.