Sustainability

Information Security

Information Security Measures

Within the NGK Group, proper management and operation of information assets is a collaborative effort carried out by the General Affairs Department and ICT Center, in conjunction with other relevant administrative divisions and in line with the Basic NGK Group Information Security Policy.
Every employee who uses computer or other information-processing devices as part of their job is provided with our Electronic Information Security Handbook and is encouraged in the proper use of their devices, as well as made aware of the need to contact the General Affairs Department and ICT Center if the devices are lost, infected with a computer virus, or otherwise compromised. Also, under the rules of employment, employees are subject to disciplinary action if their improper use of information devices results in the leaking of confidential information or some other result that significantly impacts the company.
Meanwhile, personnel from NGK’s ICT Center visit several Group companies each year to conduct on-site checks and provide guidance on their implementation of IT security measures. In fiscal 2020, due to the impact of the global COVID-19 pandemic, these visits to overseas Group companies were not carried out; however, online sessions were held with 12 Group companies in order to share with them the IT security enhancement policies and measures implemented by the Head Office, and a survey was conducted to ascertain the state of IT security-related device maintenance and operations at each company.
In order to further encourage IT security-related initiatives, a clearly defined committee body is scheduled to be established in fiscal 2021 to discuss related issues and measures.

Basic NGK Group Information Security Policy

Formulation of Basic NGK Group IT Security Standards

The rapid advance in information communication technologies and devices has made the quest for consistent IT security on a Group-wide level an urgent concern, thus in fiscal 2010 we formulated the NGK Group IT Security Standards with the goal of developing an IT security structure based on commonly shared Group standards and enhancing IT security.
Every year, each Group company drafts action plans for the enactment of countermeasures in an attempt to systematically strengthen security. Through these action plans, NGK confirms initiatives at each Group company and provides guidance as necessary.

Information Security Training

Training sessions are conducted throughout the year to ensure strict adherence to information security among all employees.
Training for newly hired employees and newly promoted supervisors and managers are offered to NGK employees while e-learning is offered to NGK employees and employees of some Group companies in Japan.

Item Number of participants Participation rate
Training for newly hired employees 147 100%
Training for newly promoted supervisors 118 100%
Training for newly promoted managers 55 100%
E-learning 5,320 100%

Note: Excluding employees who were away on maternity leave, childcare leave, long-term business trips, etc.

Ensure IT Security Against Cyberattacks

The NGK Group has built systems for protecting against and detecting cyberattacks. We are making the necessary capital investment and infrastructure upgrades so as to further strengthen the systems’ detection functions in fiscal 2021. We plan to carry out the necessary document enhancement and structural reinforcement to ensure we are prepared to deal with an IT security incident and can restore our IT systems. Following completion, annual training is planned that will teach employees how to handle IT security incidents.

Privacy Policy and Organization for Personal Information Protection

The NGK Group has established internal rules in an effort to ensure strict handling and management of personal information obtained from customers. In fiscal 2015, NGK formulated and published our Basic Policy on the Proper Handling of Specific Personal Information in response to the enforcement of the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures. Moreover, our policies are in full compliance with the revised Act on the Protection of Personal Information, which came into effect on May 30, 2017.

Privacy Policy