• 
• 
• 
• 
• 

Firm management of information security system

IEST has developed a security system for the secure management of information, and indicates on its information asset register(s) the person who has obligations and responsibilities for information that it keeps on both its customers and IEST itself.

Compliance with information security rules

IEST is fully aware of its legal liability with respect to information that it keeps on both its customers and IEST itself, stipulates on its business plan report(s) rules to protect such information from unauthorized access, destruction, loss or leakage, and abides by such rules.

Publicity and education on information security measures

IEST educates its employees on the importance of information security measures.

Promotion of information security measures

Through appropriate risk assessments, IEST evaluates security risks with respect to information that the company keeps, and based on the results of such risk evaluation, IEST promotes necessary information security measures through action plan report(s).

Evaluation and review of information security measures

IEST regularly audits and evaluates the implementation status of its information security measures. In addition, IEST reviews the list of remaining information security risks, and maintains (or improves if necessary) its information security measures.