To protect information assets from various threats and to fulfill its social mission, SCSK has established and is operating the Information Security Management System. We are continuously evaluating risks to information assets and ensuring the effectiveness of countermeasures for these risks. To ensure that each of our employees, as well as everyone that does business with SCSK, understands our Information Security Management System, including the Basic Policy, we engage in extensive educational activities, such as holding training courses on information security and the protection of personal information. We also require our subcontractors to adhere strictly to the Information Security Guidelines that we have established, in accordance with article 22 of our Commercial Transactions Code, and we are working to prevent occurrences of issues related to information security. Furthermore SCSK's Information Security Management System has received ISO 27001：2013 certification.