Principal Themes:Information Security

DNP Group's Basic Policy on Information Security

Our Group Corporate Philosophy is "The DNP Group connects individuals and society, and provides new value."
Based on this philosophy, we keep our eye on the long term and endeavor to develop business activities that will enable us to create a better future, in order to realize a better and more sustainable society and more enriching lifestyles. As we utilize information systems such as global computer networks in our business activities, apart from software and hardware malfunctions we face increased risks of computer virus infections and personal information leaks due to the cyberattacks that are becoming more advanced and devious each day. This makes it essential to further strengthen defenses, including towards our supply chain.
To achieve this, we have established the DNP Group Basic Policy on Information Security, including Cybersecurity.

  • The DNP Group views information security, including cybersecurity, as one of its key management priorities, and will make every effort to maintain and manage systems and data through the development of a management system and the implementation of employee education.
  • We will secure resources (budget, workforce, etc.) for information security, including cybersecurity.
  • In order to guarantee information security, including cybersecurity, we will identify risks and formulate plans for responding to those risks from the planning and design stages via security-by-design. We will also build a system designed to respond effectively to such risks, and work to continuously improve that system through the PDCA cycle.
  • In the event of an incident we will develop a cybersecurity incident response team and relevant procedures, as well as a business continuity and recovery team and relevant procedures in preparation for damage due to cyber incidents.
  • We will maintain an overall understanding of the status throughout the entire supply chain, including our business partners and outsourcing organizations, and implement risk measures.
  • We will gather information on information security, including cybersecurity, and implement multi-layered initiatives not only through our own autonomous self-help efforts, but also through the mutual aid entailed in our cooperation and collaboration with external organizations and other companies.
  • In promoting information security, including cybersecurity, we will comply with customer contracts as well as related laws and regulations.

Established: April 1, 2002
Revised: October 1, 2024

DNP Group Information Security Committee