[Information Security Policy]
In business development, RareJob Group positions information security as one of the key management policies and commits itself
to protecting information assets from threats so as to offer trust and security to all stakeholders.
Based on this policy, we establish the rules and management structure as the “Information Security Management System” to exercise
social responsibilities by executing and continuing information security activities.
1. Information Security
RareJob Group defines information security as maintenance of confidentiality, integrity, and availability of information assets. We identify the causes of information security risks from the aspect of threat and vulnerability according to the internal rules and take appropriate counter measures against the causes to mitigate the risks to tolerable levels.
2. Target of information security
All RareJob Group employees, officers and temporary workers comply with this policy.
3. Scope of information security
At RareJob Group, the scope of information security management is defined for each service. The information assets to be secured include confidential information acquired through daily operations, documents such as contracts, and intellectual property including know-how as well as the computers and network facilities related to the business operations under the management of RareJob Inc., the information system such as software, and data processed in the information system.
4. Internal structure for information security
Our Group organizes the Information Security Committee, assigns a manager to control the activities, and establishes an information security audit function to inspect the activities. We also have an emergency response framework with outside experts for possible information security incidents.
5. Information security controls
In adopting information security controls, the whole organization of RareJob Group acts as one. Our efforts include organizational management such as establishment of framework and procedures, human resource management including education and training for employees, physical and technical management in receiving and storing information assets. When outsourcing all or part of the business, we will make a contract, etc. to fully evaluate the accuracy as the business consignee and maintain the same security level as our company. In addition, in order to continuously confirm that these security levels are properly maintained, we will conduct regular audits of outsourcing companies, and review the management system.
6. Compliance with laws and regulations, and contracts related to information security
RareJob Group conducts information security activities in compliance with relevant laws and regulations such as the Act on Protection of Personal Information, Unfair Competition Prevention Act, and Copyright Act, and other guidelines and regulations. We also act in conformity with requests from stakeholders regarding information security. In addition, we will strive for appropriate information management by dealing strictly with any violations.
7. Continual improvement of Information Security Management System
Our Group regularly reviews the Information Security Management System to protect information security from new type of threats stemmed from social changes and advancement of information technology. We also ensure to maintain and continually improve information security by taking preventive and corrective actions.
RareJob Group Top Management
July 1, 2019