Approach to ISO27001
We did the certification acquisition for ISO27001:2013 in order to fix the management system to information security in Daio Manufacturing. International standard ISO27001 about this information security management system (ISMS) is international standard that 2013 builds organized frame from the viewpoint of secrecy, integrity, availability of information for continuous improvement of information security and applies. It is intended or you protect information assets (including information that I took from customer) of company and build the system which can utilize information effectively and how you improve continuously.
|Organization name||Daio Manufacturing|
|The first time
Certification acquisition day
|April 2, 2015|
Certification update day
|February 22, 2018
(validity three years: on February 21, 2021)
|Registration document number||C2018-00593|
|Coverage||Key ring, accessories accessories, toy, manufacturing management, sale of these parts|
|Target office||All five places of domestic offices
|Examination register||Perry Johnson cash registers tola|
ISMS which Daio Manufacturing thinks about: How do you follow confidential information that I took from customer?
Because out source is doing all production processes in Daio Manufacturing, management of purchasing becomes lifeline. As for the design block copies of confidential extremely expensive information and character goods before product announcement that I took from customer, information will drift from us to overseas purchasing ahead said to that not only domestic purchasing ahead but also management is difficult. As these confidential informations do not flow out through purchasing, we conclude non-disclosure agreement (English: Non-disclosure agreement, abbreviated to NDA) beforehand and we inspect as needed and carry out management thoroughly. In addition, we try for securing of security about information tool including PC terminal and mobile device of employee.
ISMS: By information security management system work easily
We made manual of tie-down with introduction of information security management system, and only work of employee increased enormously, and business efficiency fell, and work did not turn around. We kept the making of structure to be simple, and to chip fat as much as possible as we got absolutely nothing out of it in thing called this, and to drop in mind. As a result, level of consciousness of employee for securing of information security increased, too, and mistake lost work easily at all because tidying around the body advanced more than before.
So that the authorized acquisition does not become purpose
ISMS: There is not information security management system for the purpose of certification acquisition. Important one promote continuous improvement after the certification acquisition. Introduction of IT society which accomplishes development rapidly. In conformity to external environment and internal system changing every day, we lose thing which became needless and take it if newly necessary part occurs. We will be ISMS in future: We will try for maintenance improvement of information security management system.