• Basic information security policy

With logistics service as the pillar of its business, each operating company under our company provides various services including transportation delivery of publications and collective consignment of logistics operations centered on pharmaceuticals and apparel, as well as moving, joint delivery, storage, disposal of confidential documents, and cash transportation and inspection.

As a company that manages and supervises each operating company, we believe that ensuring information security is an important mission in order to secure the trust of customers and investors and to continuously develop our business.

We will establish and operate an information security management system with the goal of protecting the confidentiality and integrity of important information, maintaining useability, and preventing the occurrence of security accidents such as information leakage and falsification. In order to make continuous improvements by regularly reviewing the operational status, clarify the roles and responsibilities related to information management, and perform appropriate operations, the purpose of information security and behavioral guidelines shall be established below.

Purpose of information security

  1. We aim to eliminate the occurrence of information security accidents by implementing appropriate information security management.
  2. If an information security accident occurs, we will endeavor to minimize the damage, recover quickly, and prevent recurrence.

Behavioral guidelines

  1. In order to establish and continuously improve the information security management system, we will clarify the risks associated with the loss of information security using the designated procedures and take appropriate actions to handle risk.
  2. We will clearly define our roles and responsibilities for information security and appropriately manage information assets.
  3. We will carry out education and enlightenment activities for all managers, employees, and related parties in order to make them aware of their responsibilities to maintain information security.
  4. We will monitor and record the implementation of our information security management system and increase certainty through regular internal audits and management reviews.
  5. If an information security problem occurs, we will immediately investigate the cause, minimize the damage, and strive to ensure business continuity.
  6. We will comply with laws and contractual obligations and other social norms regarding information assets and their handling.

Enactment: April 1, 2009
Revised: April 1, 2015
President: HARASHIMA Fujihisa

“Information security”
required of logistics companies

Due to the frequent occurrence of corporate scandals, ensuring information security is also required as a requirement for corporate governance.
When comprehensively undertaking or designing distribution center operations, we start by being entrusted with various information about the customer.

The Kanda Group believes that strengthening information security functions is one of the important management functions that logistics companies will be required to do in the future.

About ISO27001 Information Security

KANDA HOLDINGS Co., Ltd, which has become a holding company, will further strengthen the function of managing and controlling each group company under its umbrella. As proof of a trusted company that does not cause accidents or incidents related to information security, we have acquired the international standard ISO/IEC 27001:2013 certification for information security management system (ISMS) with our headquarters, which is where various information assets including customer information are concentrated, as the scope of certification.

Scope of certification

The certification of ISO27001 is acquired at the following bases, and the scope of certification is as follows:

KANDA CORPORATION Co., Ltd Headquarters
KANDA CORETECHNO Co., Ltd. Headquarters
Kanda Enterprise Co., Ltd.
Kanda Finance Co., Ltd.
K・COM Co., Ltd.
Kanda Hearty Service Co., Ltd.

Scope of certification
(1)Headquarters function that manages and controls the organization that provides logistics service
(2)Operation of a data center that manages logistics-related information such as customer ordering system
(3)Document storage service
(4)Management of delivery service
(5)Temporary staff service
(6)Cash/Securities transportation and delivery management, cash inspection service, change supply service, information processing service for aggregated data related to cash inspection
Declaration of application (Version 3)