情報セキュリティマネジメントシステム

Information Security Management System

As a recruitment and job search information service company that handles the personal information of job seekers, we believe that strictly managing various information including personal information is an issue of critical importance. In order to ensure thorough and continuous improvement of information management, we have established an information security policy and an internal system based on information security management.

We will continue to implement various measures to systematically and continuously improve the management of important information assets held by the organization and play our role as a company that induces trust in job seekers and recruiting companies. 

1. International Standards for Information Security Management System Acquisition of ISO27001 and JIS Q 27001 Certification

認証マーク
IS 97518 / ISO27001

On October 14, 2005, we acquired certification for the information security standard 「BS7799」 and the ISMS Certification Standard. Subsequently, on October 15, 2005, the ISMS Certification Standard was replaced by the international standard 「ISO27001, and the domestic standard JIS Q 27001 on May 20, 2006」.  We were assessed for transition to 「ISO27001」 (JIS Q27001) during continuation and expansion audits conducted in October 2006, and these certifications were acquired on November 27, 2006.

Coverage of the Certification
Head office and Sapporo, Sendai, Shinjuku, Shimbashi, Kitasenju, Digilabor(DX division), Shibuya, Ikebukuro, Tachikawa, Machida, Kawasaki, Yokohama, Shonan, Funabashi, Chiba, Kashiwa, Tsukuba, Utsunomiya, Omiya, Kumagaya, Takasaki, Shizuoka, Nagoya, Toyohashi, Kanayama, Gifu, Osaka, Kyobashi, Namba, Kyoto, Kobe, Hiroshima, Fukuoka, Kokura.
Certification Standards
ISO27001(JIS Q 27001)
Acquired Certification standardsISO/IEC 27001:2013(JIS Q 27001:2014)
Certification NumberIS97518
Date of RegistrationDate of initial certification registration:October 14, 2005(BS7799、ISMS)
Latest issue dateSeptember 2, 2022
Examination and
Registration Authority
BSI Group Japan Co. Ltd.
Certifying Bod

ISMS-AC(ISMS Accreditation Center)

 ANAB(ANSI National Accreditation Board)

Services Covered by the Certification

Development and operation of Internet-based job sites, provision of job information, planning and sales of fee-based job placement business and DX services.


2. Comprehensive information security education

We conduct information security training and drills appropriate to the scope of work and position.

Entry level training

We conduct ISMS/PMS training for all new employees, including temporary and part-time workers, to allow them to acquire the knowledge and understanding of measures related to information security and privacy, as well as our internal information security rules.

Training for new graduates

We have a program for new graduates, several hundred of whom are hired each year, to acquire basic knowledge and understanding of measures related to information security and privacy, as well as our internal information security rules, within the new graduate induction training.

Training for New Management

When appointed to a managerial position, we provide training to acquire the security-related knowledge necessary for organizational management.

Compliance Training

Compliance training is conducted once a quarter for all employees. The training incorporates knowledge of information security and other events recognized as important as appropriate.


3. Membership in the Japan CSIRT Council

In order to respond to increasingly sophisticated and frequent cybersecurity risks and to strategically and cross-sectionally promote incident prevention, early detection, countermeasures, and security measures at a growing organization, we established dip-CSIRT* and have been a member of the Japan CSIRT Council since April 2023. Through the activities of this council, we share security incident information and vulnerability information with other member companies and strive to improve the level of security.

 * CSIRT (Computer Security Incident Response Team): A dedicated team for dealing with computer security incidents.


4. Response to information security incidents

In the event of an information security incident, we promptly report it in accordance with the “Business Crisis Management Regulations“and have established a task force headed by the CEO to expeditiously and appropriately respond and prevent recurrence.