The information we have accumulated, including clients' personal information, is critical to our business activities and requires a rigorous system of controls. Each Nomura Group company has an information security policy and employee training and awareness programs are in place to keep information secure, and will continue to do its utmost to ensure the protection of client data. Nomura Holdings, Inc. has established a new Group Information Security Committee so as to continue developing initiatives for information security measures at Nomura Group companies, and is promoting a unified approach within the Group.
Appropriate management of client data is essential in order for Nomura Group to keep the trust of our clients and shareholders, and systems are in place to manage client information. Going forward, we will work not only on information security measures, but also continually strive to enhance our information asset risk management system.
The Nomura Group Information Security Policy stipulates the basic policies on information security, and exists to achieve appropriate information security. Each Nomura Group company also has its own information security related rules in place that are in line with the Policy. Management policies for information provided to customers are tailored to suit individual companies' particular businesses.
Specific rules on information security are posted on the Company intranet for all officers and employees to review.
The Information Security Committee was established to deliberate on key information security issues confronting Nomura Group, and is chaired by an executive officer appointed by the CEO. The Committee is comprised of Nomura Group officers and employees selected by the Committee Chairperson. The Committee reports to the Group Management Committee regarding the details of deliberations when necessary.
All Nomura Securities Co., Ltd., Nomura Asset Management Co., Ltd., and Nomura Trust and Banking Co., Ltd. department and branch office heads serve as Information Security Managers, and are responsible as personal data controllers as defined by the Financial Services Agency. These Information Security Managers are responsible for the security and proper management of information assets handled by their work area and for properly training their staff in this regard.
Act on the Protection of Personal Information went into full effect in April 2005. Nomura Group handles personal information about its many customers, and efforts regarding personal information are very important. We handle customers' personal information with extreme care, complying with personal information protection-related laws and regulations as well as Nomura Group Privacy Policy and the aforementioned information security-related rules.
