CSR / Environment

Information Security

Information Security

Fiscal 2019 Objectives Fiscal 2019 Achievements Self-Evaluation
  • Continue to maintain ISO 27001 certification
  • After holding training that simulated targeted email attacks and fraudulent emails, held individual preventative training for employees who had inadvertently opened the malicious emails sent during training
  • Maintained ISO 27001 certification (renewed July 28, 2019)
  • After holding training for employees aimed at tackling targeted email attacks and fraudulent emails, held individual preventative training for employees who had inadvertently opened the malicious emails sent during training
★★
Priority Objectives for Fiscal 2020
  • Pass the certification renewal screening for ISO 27001
  • After holding training for employees aimed at dealing with Emotet malware emails, hold individual preventative training for employees who had inadvertently opened the malicious emails sent during training
  • Self-evaluation: ★★★ Achieved more than targeted / ★★ Achieved as targeted / ★ Achieved to some extent

Sharp is working to ensure information security by setting forth a Global Basic Policy on Information Security for the safe and appropriate management and use of information and information systems.

As part of its efforts to enhance information security, Sharp also acquired ISO 27001 (IS 635826) certification on June 30, 2015 and has secured an appropriate information security management system.

Summary of Certification Activities

Organization Sharp Corporation
Scope of Certification
  • Planning, management and operation of call center service
  • Taking care of users’ complaints
  • Administration and operation of a web site to sell digital books
  • Administration and operation of an affiliated web site
  • Customer satisfaction service in photovoltaic generation system and energy related businesses
  • Implementation of in-company information management
Certification Number IS 635826
Certifying Body BSI Group Japan K.K.
Initial Certification Date June 30, 2015

Information Security Measures

In Japan, online sessions on information security are provided annually to all employees. In 2019, the Emotet malware emails that have been attacking computers around the world were received by Sharp employees. In response, Sharp used actual cases to promptly share details throughout the company about Emotet and its distinct features, along with how to deal with these malicious emails. Sharp also developed and introduced its own training system to tackle these targeted email attacks and held training twice for all employees in fiscal 2019.

Sharp is also continuing with strengthening measures, such as a vulnerability assessment of publicly accessible websites. It is also addressing the issue of information leaks caused by targeted cyber-attacks as well as the accessing of illicit websites. The company is putting in place hacking countermeasures and using log analysis for early detection of fraudulent actions. In addition, to verify company-wide information security measures, Sharp also implements information security self-checks, and seeks to maintain and improve its level of information security.