Information Security Basic Philosophy

East Nippon Expressway Co., Ltd. strongly recognizes that our company's information assets are constantly exposed to various threats, and is committed to ensuring the security of important information assets including personal information In order to further solidify our relationship of trust with customers and society by engaging in information disclosure, we will establish the basic principles of information security here and promote company-wide efforts for information security measures.

Definition

Information assets refer to the information that we handle in our business activities and the information system necessary to handle the information.

Scope of application

This philosophy applies to officers, executive officers and employees, as well as employees of affiliated companies, temporary employees, and others who come into contact with our information assets.

Operation system

The Company establishes the rules for information security measures, establishes the person in charge of security measures, establishes an operational system for information security measures, and continuously carries out activities including maintenance and improvement.

Implementation of measures

We protect information assets from threats such as eavesdropping, intrusion, falsification, destruction, theft, and leakage, and take appropriate physical, human, and technical measures to ensure safety. If a security threat should occur to an information asset, we will minimize the damage and quickly investigate the cause to prevent a recurrence.

education

The Company will educate those who use information assets about necessary information security measures and maintain and improve their awareness of information security measures.

Evaluation and review

The Company regularly evaluates and reviews the contents stipulated in the regulations regarding information security measures, and strives for continuous improvement.

Compliance with laws and regulations

Officers, executive officers, and employees will comply with laws, regulations, norms regarding information security, and contractual obligations regarding security with customers.

In addition, in the contract concluded between the Company and an external business operator, the matters to be observed regarding information security measures will be specified.

Management responsibility

Officers take responsibility for ensuring the safety of information assets and taking measures by themselves.

Announcement

We will notify this philosophy to those who use our information assets and will also publicize it outside the company.