当社のリスク管理プログラムは以下の通りです。
<制作過程>
・制作過程で起きてしまった事故等に関しては、事故発生後翌営業日までに営業開発部長を中心とした「緊急業務ミーティング」を開催し、また、問題が生じていない場合でも、週に1回、営業部と制作部でミーティングを行っております。
<印刷過程>
・印刷及び配送時に起きた事故につきましては、各協力会社と合同で月1回定例開催される「品質向上委員会」とは別に「緊急対策会議」を実施することで事例を各現場に共有し、クライアント様への改善策の報告、
<Creation process>
- With regard to the incident etc. that gave rise to the creation process, a "emergency meeting" will be held on the following business day after the incident, centering on the operation development manager, and, if no problems arise, meetings are carried out once a week with the operations department and creation department.
< Printing process>
- With regard to the incident that occured during printing and delivery, by carrying out an "emergency strategy meeting" separately with the "quality improvement committee" that will be regularly held once a week in combination with each cooperating company, example cases will be shared at each site, and information on how to improve will be sent to the client.
<Production Process>
・In the event of an accident occurring in relation to the production process, the head of the sales development department shall chair an "emergency operations meeting" on the following business day. The sales departing and production department will hold weekly meetings, even if no accidents occur.
<Printing Process>
・In the event of an accident occurring in relation to the printing or delivery process, the partner companies shall cooperate to share details of the accident in a "Emergency Strategic Meeting", separate from the regular monthly "Quality Improvement Committee", and prepare a report on quality improvement strategies for the client
<During production process>
・ For accidents that occur during the production process, an "emergency operation meeting" will be held chaired by the Director of Sales Development Department one working day after the accident. Even if there is no accident, a meeting having the sales department and the production department once a week separately.
<During printing process>
・ For accidents that occur during printing and delivery, we will share each accident case with each site by holding an "emergency countermeasures meeting" in addition to the "quality improvement committee" that is held once a month having all of each partnering company also to report improvement measures to clients.
実施を可及的速やかに行っております。
<データ管理>
・サーバーは3時間毎にバックアップを行うシステムを組込んでいるため、徹底した安全管理を行っています。
・主電源がダウンのときは、予備電源に切り替わりシステム保全を行います。
・データ等の保存に関しては、サーバーとは別フロアに外部記憶媒体(MO、CD-R等)を使用し案件毎に保存・管理をしており、万一のサーバーダウン時にも外部記憶媒体に保存されているバックアップファイルを使用し業務を遂行いたします。
<Data management>
- The server incorporates a system that carries out a back-up every three hours, therefore, we are carrying out a thorough safety management.
- When the main power source is down, we will preserve the system by switching to a reserve power supply.
- To preserve data etc., we will use external memory media [MO, CD-R etc.] located on a separate floor than the server, and accomplish tasks by using back-up files stored in the external storage media, during the one-in-a-million chance when the server is down.
<Data management>
・As the server is tackling with system to backup every 3 hours, management is done thoroughly.
・When the main power supply is cut, system safety to change to standby power is used.
・As for storage of such as data, using an external storage medium (MO, CD-R, etc.) on each floor different from the server, and it is kept by each case/management, and if the server is cut, business is carried out using the backup file kept in the external storage medium.
<Data management>
*The server is full-service secured as the backup system is deployed every 3 hours.
*If main power fails, switch over to the backups as a redundancy to secure the entire system.
*On saving the data, external media such as MO, CD-R and so on will be utilised at other floors away from the server, to manage and save the data on each project. If any case for system failure happens, the use of backup files on the external media will make it possible to continue tasks.
・現在はバックアップデータ(デュアルサーバーを使用)を弊社内でのみ保持しておりますが、加えてGlobex Data S.A.社が提供している、強固なセキュリティを誇るクラウドサービスに保管を行っております。
・上記バックアップデータの他、印刷用のデータに関しましては、協力会社にも保管しておりますので、災害等の影響でオフィスが一時的に閉鎖しても、協力会社にて業務の継続が可能。
<パンデミック対策>
・担当者が発症・隔離された場合、他の者が引き継ぎ、日程に支障なく業務を遂行いたします。
-In addition to the above backup data, printing data is also stored at our partner company, so even if our office is temporarily closed due to a natural disaster, etc., we will be able to continue the business at our partner company.
<Pandemic measures>
・ If the person in charge has some infection and quarantined, another person will take over the responsibility and carry out the work without any delaying the planned schedule.
*Except for the backup data above, we will continue to work seamlessly at the affiliate company using printing data as saved also at the affiliated company as well if there is trouble for closing offices due to disaster and others.
<Measure for the pandemic>
*If any of our staff will be diagnosed as a coronavirus and isolated, the task will be handed over to other staff and we are sure we keep to work our daily task without any hindrances.
・1つのチームが隔離された場合は、他のチームが速やかに引き継ぎ、業務を遂行いたします。(状況に応じ在宅勤務や外注業者と共に業務を遂行いたします。)
・弊社がやむなく閉鎖された場合においても作業は在宅・外注業者によって継続することが可能ですので遠隔作業により原稿作成・印刷等支障なく業務を遂行いたします。
<個人データの安全管理、情報漏えいの取扱い>
・アクセス許可が与えられたPC以外はサーバーに入れない設定を構築しています(ファイル閲覧も不可)。
- Even if our company is unavoidably locked down, it's possible to continue work from home or by external vendors, therefore, we will accomplish tasks such as manuscript composition and printing etc. without hindrance by remote work.
<Safety management of personal data, handling data leakage>
- Settings are in place so that PCs that have not been granted access permission cannot enter the server. [Cannot view files either]
・ Even if our company office is unavoidably closed, the work will be continued via telework at home or from our venders office. so we can carry out the task such as manuscript creation and printing by remote work without any delay.
<Safety management of personal data, handling of information leakage>
-We have created an environment where only the certified PCs are permitted to access our server (file viewing is also restricted).
- In an event where our organization is suspended for unavoidable reasons, the task can be handled continuously by work-from-home/outsourced personnels. Hence therefore, tasks such as composing scripts, printing, and the like can be conducted via remote works without obstacles.
<Handling of individual data safety management and information leakage>
- A setting is built so that any pcs other than those granted with access cannot join the server (browsing files is prohibited, too).
・社内でも制作部門以外の部署のPCには、アクセス許可が与えられておりません。また、顧客情報等の重要機密ファイルを格納している各フォルダに関しては、部署毎にパスワードをかけ、課長職以上の管理職のみアクセス権限が与えられています。尚、フォルダのパスワードは2ヶ月毎に変更しております。
・外部進入、ウィルス対策などのサーバー管理については、専属SEが対応しております。
・サーバーのアクセス管理については、専属SEが管理し、定期的にアクセスログの報告を受領しています。
- With regard to server management of external entry, virus protection etc., we have set up a dedicated SE.
- With regard to server access management, the dedicated SE will manage it and regularly receive information on access logs.
-Dedicated SEs are handling the management of servers such as external intrusion and anti-virus measures.
-The server access management is controlled by the dedicated SEs. They are receiving the access log reports on a regular basis.
- As for server management against external threats and virus protection, a dedicated SE handles the matter.
- As for the server access management, a dedicated SE controls it and receives an access log on a regular basis.
*Server managers such as external intervention, measures for viruses are conducted by designated SEs.
*Access management of the server is conducted by designated SEs and receives the reports of access log regularly.
・メールはGoogle Appsを全社共通アプリケーションとして使用しておりますので、3ヶ月毎にパスワードの変更を行っております。また、退職者に関しましては退職日当日にパスワードを管理者が変更することで、流出防止に努めております。
・社内文書及び顧客情報につきましては、各営業個人の管理はもちろんの事、部署単位で漏洩防止の施策を講じ、機密文書として特定業者に処理を依頼しております。処理はシュレッダーにかけた上で裁断証明書を常に取得しております。
- As for internal documents and customer information, let alone each sales rep's control, anti-leakage measures have been created per department, and we outsource a specific vendor to dispose them as classfied documents. They are processed to be shredded and the shredded certificate is obtained on a regular basis.
・As for inner documents and clients' information, we take measures to prevent leaks based on department, as well as the management of each sales individuals, and as confidential documents, a specific agency is handling with them. Its processing is done by a shredder, and its cutting certificate is always obtained.
*About the internal documents and information of our customers, we are responsible with the management of individuals for all the sales staff, taking measures not to spill by the unit of each section, and the disposal process will be asked to the specific company as confidential documents. The shredded proof is obtained upon shredding the documents.
<教育>
・全部署に金融庁発行の「金融分野における個人情報保護に関するガイドライン」及び「安全管理措置等についての実務指針」に基づき講習会を開催しております。その講習会でデータ管理の方法等を議論し、決定事項については全社員共有のもと、安全な管理を実施しております。
・従業員に向けて、契約及び誓約書(6ヶ月以内の同業への不就職等)を交わしており、罰則も規定されております。
・年に1回、取締役会にてサプライヤー管理レビューの結果を共有し、評価に基づいた適切な管理・運用を行なっています。
・ The seminars are held based on "guidelines for the protection of personal information in the financial sector" and "practical guidelines for safety management measures" of the financial services agency in all departments. At the seminars, dater management methods and so on is talked and for the deciding matters are carried out safety management with all the staff.
・For employees, contracts and pledges ( such as non-employment in the same industry within 6 month) are signed and penalties are ruled too.
・Once a year, at the board meeting, by sharing results of reviewing supplier management, and based on the evaluation, appropriate management/operation are done.
・ All the departments are participating in seminars held in accordance with "Guidelines for the Protection of Personal Information in the Financial Sector" and "Practical Guidelines for Safety Management Measures" issued by the Financial Services Agency. At the seminar, we discuss data management methods, etc., and share corporate decisions with all employees to ensure safe management.
・ We have all our employees signed contract and make them pledges (such as non-employment in the same industry 6 months after leaving our company) which also stipulates penalties in case of breach of them.
・ Once a year, the evaluation report on supplier management are shared during the Board of Directors meetings held once a year so that most adequate management and operation will be carried out based upon the evaluation.
- Training is held for the entire departments based on "Guidelines pertaining personal information protection in the financial field" and "Practical guidelines concerning safety management measures, etc." issued by the ministry of finance. Methodologies for data management is discussed in the training session, and a safe management has been conducted while sharing those officially determined matters with all employees.
- An agreement and a written oath (prohibition of changing career to a competitor in the same business field within 6 months from the date of resignation) with employees, which prescribes penalties as well.
- Once a year, the result of the supplier management review is shared at the board meeting and an appropriate management and operation has been performed based on the evaluation.