Basic Policy on Information Security

May 15, 2017

The primary businesses of Funai Electric Co., Ltd. (hereinafter, the "Company") involve the research and development of electronics technologies, manufacture, sales and OEM supply of audiovisual and information equipment that provide a base for digitization. As such, information related to customers of the Company that handle these business processes, as well as internal information, is extremely Confidential. The Company, which handles such information, has an important mission to strictly maintain the confidentiality of this information in order to ensure the trust of its customers and investors and sustain its business development. Furthermore, the Company must ensure that all employees involved in these operations understand their responsibility to maintain Confidentiality.

Consequently, the Company protects the secrecy and completeness of important information, including that of its customers. The Company has put in place an Information Security Management system designed to prevent the occurrence of security incidents such as information leaks and falsification, and the Company ensures that all employees conduct operations in accordance with this Basic Policy on Information Security. The Company’s management team has prepared necessary management resources to this end. Furthermore, we have formulated the following policies to periodically review the status of operations and ensure their ongoing improvement.

  1. The Company shall set the information security management system targets and create an organization in which the management team promotes and improves this system. At the same time, we shall clearly identify roles and responsibilities for the control of information and operate appropriately.
  2. Employees shall comply with the Basic Policy on Information Security and related regulations, legislation and customer agreements, and shall behave responsibly.
  3. The Company shall regularly conduct information on security education and training for subject personnel.
  4. The Company shall define Risk Assessment Procedures that clearly identify risks to information assets and enact appropriate risk countermeasures.
  5. The Company shall periodically conduct internal audits and management reviews related to the operation of its Information Security Management System, evaluating performance against targets and making any necessary improvements.
  6. The Company shall formulate and maintain a business continuity plan to support business continuity from an information system perspective in the event of a widespread disaster.
  7. The Company shall take consistency with internal controls into account when formulating and operating an Information Security System.
  8. Recognizing the importance of the information it handles, the Company shall discipline employees who contravene regulations, legislation, contracts and other items related to the Basic Policy on Information Security in accordance with employment regulations.