In line with the Information Security Basic Policies, the Idemitsu Group is endeavoring to ensure the confidentiality of its information assets and to simultaneously secure the accessibility and security of its information systems and networks. Utilizing information technologies, Idemitsu is thus striving to maintain and enhance the level of customer services. In addition, Idemitsu has established the Customer Information Management Standards to appropriately collect and use customer information, keeping it up to date while safeguarding it. The standards also mandate the proper disposal of such information.
Furthermore, we mandate that every year all IT system users (including permanent and temporary employees as well as subcontractors) take “Security Standards for the Use of IT Systems,” an e-learning information security course aimed at ensuring that they practice thoroughgoing information management measures. At the same time, each department carries out an autonomous inspection of information management and data security audits are implemented on an annual basis as part of periodic internal audits. Should information leakage occur, the incident will be handled in accordance with the “Crisis Response Rules,” and the Information Control Guidelines.
We provide annual e-learning programs (in Japanese, English and Chinese) to instill information security rules that must
be observed by all. Targeting all IT system users at home and abroad, the 2021 round of these programs was implemented
during the January – March 2021 period and completed by a total of 15,755 people, or 100% of targeted
In FY2019, we also launched e-learning programs for employees tasked with handling or administering control systems. The 2020 round of this program was implemented during the January – March 2021 period and completed by a total of 5,297 people, or 100% of targeted individuals.
On a quarterly basis, we implement training focused on handling targeted e-mail attacks, with the aim of mitigating the risk of contracting computer virus infections borne by suspicious e-mails and raising cybersecurity awareness among employees.
We distribute the monthly cybersecurity newsletter via e-mail, calling employees’ attention to relevant cybersecurity-related topics and thereby raising their awareness.
Information Systems Department organized IT Summit 2019 in Sapporo from November 25 to 28, 2019. The purpose of this summit is to share knowledge on IT tools utilization as well as to enhance digital security awareness in performing daily business operations, mainly for IT PIC (person in charge) from Idemitsu’s overseas bases. It is our company’s 2nd IT Summit after holding the first one in Singapore in 2018.
Thirty participants from 16 offices in Japan and overseas attended lectures on effective use of Idemitsu’s internal IT system and security trends. They also shared the IT issues faced by respective offices and gained feedback from other participants. Security risks in daily operations and their countermeasures were also discussed proactively. All participants from various countries had a great opportunity to directly communicate and share information and knowledge with each other. IT plays an important role in our company to support sustainable business growth and in the future, and in the future we will focus on discussion regarding specific IT issues faced by respective departments.