ROUTE06

Security Policy

Basic Philosophy

ROUTE06, Inc. (hereinafter referred to as "ROUTE06") operates under the philosophy of "Define the route to the future". The information assets we handle in the course of our business, including customer information, are extremely important as the foundation of our management. All directors, officers, employees, and other individuals handling ROUTE06's information assets are required to recognize the importance of protecting these assets from risks such as leakage, damage, and loss. They shall comply with this policy and engage in activities to ensure information security, focusing on the confidentiality, integrity, and availability of information assets.

Basic Policy

  1. To protect information assets, ROUTE06 will establish an information security policy, along with relevant rules and regulations, and conduct our business in accordance with these policies. ROUTE06 shall comply with all applicable laws, regulations, and contractual obligations related to information security, as well as the terms of contracts with our customers.
  2. ROUTE06 will define clear criteria for analyzing and assessing risks such as leakage, damage, or loss of information assets. ROUTE06 shall establish and implement a systematic risk assessment methodology, conducting regular assessments at least annually. Based on the results, we will implement necessary and appropriate security measures.
  3. ROUTE06 will establish an information security system led by a designated director and clearly define authority and responsibilities related to information security. In addition, ROUTE06 shall provide regular, mandatory information security training to all employees, contractors, and relevant third parties to ensure they understand the importance of information security and handle information assets appropriately.
  4. ROUTE06 will regularly inspect and audit the status of compliance with the information security policy and the handling of information assets, and promptly take corrective actions for any deficiencies or improvement items found.
  5. ROUTE06 shall maintain a comprehensive incident response plan, which will be regularly tested and updated. This plan shall include procedures for prompt notification of affected parties in accordance with applicable laws and regulations. In the event of an incident, we will have pre-established procedures to minimize damage, and in an emergency, we will respond promptly and implement corrective actions. We will also ensure business continuity by establishing a framework to manage incidents, particularly those that could disrupt operations, and by conducting regular reviews.
  6. ROUTE06 shall establish, implement, and maintain an Information Security Management System (ISMS) aligned with recognized standards such as ISO/IEC 27001. This ISMS shall be subject to regular internal audits and management reviews to ensure its continued suitability, adequacy, and effectiveness.

Established on August 17, 2022

ROUTE06, Inc.
CEO Takafumi Endo