CSR / Environment

Information Security

Information Security

Fiscal 2018 Objectives Fiscal 2018 Achievements Self-Evaluation
  • Continue to maintain ISO 27001 certification
  • Develop a training system to tackle targeted e-mail attacks and fraudulent e-mail; carry out training for all employees
  • Maintained ISO 27001 certification (renewed June 30, 2018)
  • Developed and introduced a proprietary training system to tackle targeted e-mail attacks and fraudulent e-mail; carried out training for all employees twice
★★
Priority Objectives for Fiscal 2019
  • Continue to maintain ISO 27001 certification
  • After holding training that simulated targeted e-mail attacks and fraudulent e-mails, held individual preventative training for employees who had inadvertently opened the malicious e-mails sent during training
  • Self-evaluation: ★★★ Achieved more than targeted / ★★ Achieved as targeted / ★ Achieved to some extent

Sharp is working to ensure information security by setting forth a Global Basic Policy on Information Security for the safe and appropriate management and use of information and information systems.

As part of its efforts to enhance information security, Sharp also acquired ISO 27001 (IS 635826) certification on June 30, 2015 and has secured an appropriate information security management system.

Summary of Certification Activities

Organization Sharp Corporation
Scope of Certification
  • Planning, management and operation of call center service
  • Taking care of users’ complaints
  • Administration and operation of a web site to sell digital books
  • Administration and operation of an affiliated web site
  • Customer satisfaction service in photovoltaic generation system and energy related businesses
  • Implementation of in-company information management
Certification Number IS 635826
Certifying Body BSI Group Japan K.K.
Initial Certification Date June 30, 2015

Information Security Measures

In Japan, online sessions on information security are provided annually to all employees. In fiscal 2018, employees continued to learn about targeted e-mail attacks using actual incidents that occurred outside the company as case studies. This helped raise employees’ awareness of and preparedness for such threats in their daily work. Sharp developed and introduced a proprietary training system to tackle targeted e-mail attacks and fraudulent e-mail. Training in this system was carried out twice for all employees in fiscal 2018.

Sharp is also continuing with strengthening measures, such as a vulnerability assessment of publicly accessible websites. It is also addressing the issue of information leaks caused by targeted cyber-attacks as well as the accessing of illicit websites. The company is putting in place hacking countermeasures and using log analysis for early detection of fraudulent actions. In addition, to verify company-wide information security measures, Sharp also implements information security self-checks, and seeks to maintain and improve its level of information security.