As a member of NEXCO Central Nippon, Central Nippon Highway
Engineering Nagoya Co., Ltd. provides customers with safety, security
and comfort via our maintenance and inspection services.

Central Nippon Highway Engineering Nagoya Co., Ltd. (hereafter referred to as "the company") strongly recognizes that information assets held by the company are always under threats from various sources. To ensure the security of the information assets such as personal information and company information, and to be trusted by its customers as well as society, the company establishes here information security policy and implements company-wide actions for information security measures.

Definition

"Information assets" refers to information handled in all business activities of the company and all information system required to be handled by the company.

Scope

This policy applies to all persons including officers and employees of the company, service providers, visitors, affiliated companies or any other organizations/persons involved with information assets of the company.

System set-up

The company runs all necessary actions to enforce information security measures including establishing information security regulations, nominating information security officer, and any other business to maintain and improve information security.

Information security enforcement

The company will protect information assets from all threats including eavesdropping, intrusion, tampering, destruction and theft or leakage, as well as take suitable physical, human and technical measures to ensure the security of the information assets. In case of the occurrence of a threat to the information assets security, we will endeavor to minimize any damages, quickly investigate the cause of the threat and prevent a recurrence.

Training

The company will provide necessary training and practice to all its members to maintain and improve their awareness of information security measures.

Evaluation and Review

The company continuously improves information security regulation by conducting periodical reviews and evaluating for all contents addressed in the information security regulations and any other necessary improvement.

Regulatory compliance

All company members will comply with laws and regulations related to this information security policy. Contents related to compliance matters also must to be addressed in external business of the company.

Management responsibility

Management actions are enforced to ensure the security of information assets.

Publication

The company will inform this information security policy to all person using our information assets as well as to the public.