Information Security

Goals and Achievements of Major Initiatives

Objective of initiative Goals for fiscal year 2016 Achievements in fiscal year 2016 Evaluation Goals for fiscal year 2017
Establish a global information security framework. ・Support ongoing efforts to uphold and deploy information security management configurations for the Asia–Pacific region and Greater China.
・Promote ongoing measures to achieve consistency between the Sun Chemical and DIC Group information security guidelines and management configurations and encourage application.
・Revise and enforce rules that respond to the growth of cloud computing and other new ways of sharing information.
・The introduction of information security management guidelines was completed in Greater China, while efforts to deploy such guidelines continued in the Asia–Pacific region.
・A comparative study of the information security rules, standards and promotion systems of the Sun Chemical Group and DIC was completed.
・Common ICT-related usage and management guidelines were formulated for Japan, the Asia–Pacific region and Greater China.
★★ ・Deploy common ICT-related usage and management guidelines in Japan, the Asia–Pacific region and Greater China.
・Commence the implementation of measures to reinforce information security in the Asia–Pacific region.
・Create a framework for the implementation of measures to strengthen BCPs.
  • Evaluations are based on self-evaluations of current progress. Key: ★★★ = Excellent; ★★ = Satisfactory; ★ = Still needs work

Basic Approach to Information Security

Basic Approach to Information Security

The DIC Group has positioned information security as a key management priority and established a Basic Policy on Information Security, which is founded on its recognition that protecting information assets that belong to or are managed by the Group is essential to its ability to conduct business. In line with this policy, DIC has formulated and implemented confidential information management regulations and information management guidelines. (The regulations and guidelines were created in Japan in fiscal year 2010. Deployment in Asia and Oceania commenced in fiscal year 2015.)
The DIC Group works to ensure that directors and employees use the Group’s information assets appropriately in the course of business and appropriately handle confidential information. The Group also pursues continuous improvements by conducting internal audits to confirm current issues and identify risks.

Globally Maintaining and Enhancing Information Security

Initiatives in Japan

Since fiscal year 2014, DIC has promoted revisions aimed at creating a system for responding to targeted cyber attacks and other critical risks to its information security. In fiscal year 2016, the DIC Group continued working to update rules for addressing security threats arising from cloud computing, smart devices and other emerging IT technologies. The Group will press forward with efforts to revise rules to accommodate changes in working styles and other developments attributable to the progress of digitization.
The DIC Group currently provides information security training to employees at point of hire and when promoted, which is completed by approximately 200 individuals annually. Preparations are also under way to develop an e-learning program and implement information security awareness initiatives targeting employees Groupwide.

Initiatives in Asia and Oceania

In fiscal year 2016, the DIC Group formulated information and communications technology (ICT) usage and management guidelines for Asia and Oceania. By promoting the deployment and firm establishment of these rules, the Group will continue working to reinforce the information security measures of DIC Group companies in these regions.

Initiatives in the Americas and Europe

Having recognized information security as a challenge of vital importance, the Sun Chemical Group, which oversees operations in the Americas and Europe, works continuously to ensure business continuity and mitigate risks to its information systems and the confidentiality, integrity and accessibility of its data. In fiscal year 2016, the Sun Chemical Group took steps to expand its existing information security system and made infrastructure investments aimed at facilitating prompt post-disaster recovery. The group also modified its information security policy and countermeasures to facilitate effective responses to ever-more extensive and sophisticated information security risks.

Safeguarding Information Security Environments in Asia and Oceania

As part of a larger effort to advance and strengthen its global information security capabilities, the DIC Group has developed an overall plan for introducing a security system for Asia and Oceania based on a unified infrastructure. In fiscal year 2017, the Group will begin building country-specific management systems with the aim of combating, among others, computer viruses and software vulnerabilities.

VOICE

We are working to ensure and enhance information security in Southeast Asia and Oceania.

In addition to being in charge of the IT help desk for Southeast Asia and Oceania, I am involved in efforts to devise and firmly establish various information security measures across the region.
Ensuring internal information security is critical to the successful expansion of a company’s operations. For this reason, we must devote considerable attention to creating a framework for protecting the various types of data we handle. Accordingly, we are promoting regional infrastructure improvements with the aim of guaranteeing a superior level of data security. We are also working to deploy and firmly establish regional ICT usage and management guidelines to further improve the security of our information.

IT Manager of PT. DIC Graphics,AP - IT Helpdesk Head Revi Septiana Rachman

IT Manager of PT. DIC Graphics,
AP - IT Helpdesk Head
Revi Septiana Rachman

VOICE

Our efforts focus on enhancing information security in Southeast Asia and Oceania.

I help enhance IT environments in Southeast Asia and Oceania, including maintaining and improving information security, consolidating IT infrastructure and further aligning and expanding the operational and maintenance structure of our SAP system.
Because we are in charge of overseeing subsidiaries in the region, we sought to deploy confidentialinformation management regulations, as well as information management guidelines, among regional subsidiaries. As a regional headquarters that coordinates 16 subsidiaries in 10 countries with diverse cultures and customs, we will continue working to improve information security by, among others, unifying security measures in the region.

DIC Asia Pacific Pte Ltd Regional Chief Information Officer Hidefumi Ito

Regional Chief Information Officer,
DIC Asia Pacific Pte Ltd
Hidefumi Ito

VOICE

We are working to improve information security in Greater China.

We are tackling the rapid development of virtualization technology and cloud computing by promoting a network integration plan in Greater China. We are also deploying the Basic Policy on Information Security, management regulations for confidential information and information management guidelines at regional subsidiaries with the aim of creating an internal management system that will ensure the security of all information. This is one of several key medium- to long-term projects and will enable us to develop global and regional information systems that meet our business needs as well as satisfy Group security requirements.

Corporate IT Director, DIC (China) Co., Ltd. Tylone Zhou

Corporate IT Director, DIC (China) Co., Ltd. Tylone Zhou

TOPICS DIC Earns Japan Institute of Information Technology Award

IT Management Award certificate
IT Management Award certificate

The Japan Institute of Information Technology (JIIT) recently awarded DIC an IT Management Award for fiscal year 2013,in recognition of its move to absorb its information systems subsidiary with the aim of ensuring effective IT governance. DIC accepted the award at JIIT’s 2014 IT Management Conference, which was held February 6–7, 2014. A representative of DIC also gave a lecture at the conference.
In Japan, it is common for companies to use information systems subsidiaries to create IT systems. The downside of this is that many companies that have spun their IT systems development departments off as affiliates now face a challenge in implementing effective IT governance groupwide. Acknowledging that realizing effective IT governance would require elevating the position of information systems operations within corporate management, DIC took the decision to absorb its information systems subsidiary and refocus resources on systems planning and engineering. The IT Management Award was in recognition of these efforts.

Notes:

  • 1.The Japan Institute of Information Technology (JIIT) is a public interest association established in July 1981 that conducts R&D on corporate applications of IT, as well as disseminates and promotes the practical implementation of its findings.
  • 2.JIIT sponsors the Information Technology Awards (named the OA Awards until 2000), which recognize companies, institutions, operations, divisions and individuals for outstanding efforts and results in using IT to revamp operations. One of these is the IT Management Award, given to entities that have leveraged IT as an innovation tool to effect management transformation or achieve a dramatic increase in productivity.

Sustainability>

Global | HOME > Sustainability > The DIC Group’s Sustainability Program > Sustainability Management > Information Security