Basic Policy on Information Security

COVER Corporation (’the Company’) recognizes the importance of personal information and will manage it appropriately in accordance with this policy.

1 Purpose

As an information distribution company trusted by our customers and clients, we aim to ensure customer and client trust and minimize business losses by preventing customer and client information security incidents.

Results of Establishment and Operation of ISMS

Achieve a comprehensive security measure in terms of technology and personnel operation management.

  1. Improvements in employee skills (Risk management, general management skills, and information security knowledge)
  2. Clarification of liabilities (Strengthen the organization’s information security management system and information security measures)
  3. Management of commissionee (Compliance with laws and regulations, contractual terms and conditions, and information security)
  4. Improvements in ability to deal with emergencies

Implement efficient security measures from a comprehensive management perspective

  1. Appropriate management of information assets
  2. Establishment of risk management
  3. Maintenance and improvement in the organization’s information security level
  4. The activities above are expected to raise security awareness.

Result of Achieving ISMS Certification

  1. Ensure the trustworthiness of information security to third parties
  2. Leads to internal business competitiveness (e.g., improve bidding conditions and conditions for participation in e-commerce)
  3. Satisfy the governance required standards as a public company

2 Definition of Information Security

Information security means ensuring and maintaining confidentiality, integrity, and availability of the information.

Confidentiality: The characteristic of making information unavailable or private to unauthorized individuals, entities, or processes. (Protection against information leakage or unauthorized access.)

Integrity: The characteristic of protecting the accuracy and completeness of the asset. (Protection against falsification or errors in information.)

Availability: The characteristic of being available for access and use when requested by an authorized entity (organization). (Protection against loss or corruption of information and system outages.)

3 Coverage

[Organization]: COVER Corporation

[Facilities]: Head office, Studio

[Business]: VTuber production and operation business, character IP merchandising business, and licensing, Event operations business

[Assets]: Documentations, data and objects related to aforementioned businesses and services

4 Enforcements

Establish, introduce, operate, monitor, review, maintain, and improve an information security management system to protect all information assets in the applicable scope from threats (leakage, unauthorized access, tampering, loss, and damage).
Information assets shall be handled in compliance with applicable laws, regulations, and contractual requirements.
Prevention and recovery procedures shall be developed and periodically reviewed to ensure that business activities are not interrupted by a significant failure or disaster.
Education and training on information security shall be provided periodically to all employees in the applicable scope.

5 Responsibilities, Obligations, and Penalties

The Representative Director shall be responsible for information security. To this end, the Representative Director shall provide the resources the applicable staff members need.
Applicable staff members shall be obligated to protect customer and client information.
Applicable staff members shall follow procedures developed to maintain this policy.
Applicable staff members shall be responsible for reporting incidents and weaknesses in information security.
Suppose any staff member within the scope of this policy commits an act that jeopardizes the protection of information assets handled by the company, including but not limited to customer and client information. In that case, the staff member shall be punished in accordance with the employee work rules.

6 Periodical Revision (Continuous Improvements)

The information security management system shall be reviewed and improved regularly to adapt to changes in the environment.

Version 1.1
Date August 1st, 2024
Position Representative Director
Signed by Motoaki Tanigo

ISO/IEC 27001 JQA-IM1777
  • Top
  • Basic Policy on Information Security