- TOP
- Sustainability
- Information Security
GovernamceInformation Security
CTI Engineering Group Information Security Policy
Declaration
In recent years, the amount of information handled via electronic media and networks has expanded, triggering concerns about the possibility of incurring enormous losses when information is lost, destroyed, or leaked due to disasters, malfunctions or failures, negligence, intentional misconduct, and other risks. We believe that promoting information security measures is not only our responsibility to our clients, but also our responsibility to society as a company that plays a role in the creation and maintenance of public works.The CTI Engineering Group is always aware of threats that may arise due to the improper operation and management of information and information systems. We have established the “CTI Engineering Group Information Security Policy,” with which we comply.
Positioning of the Information Security Policy
In order to protect our information assets from the threat of security risks, the CTI Engineering Group enforces the CTI Engineering Group Information Security Policy as its most basic and universal measures for information security.
Proper operation and management of information systems
The CTI Engineering Group complies with all applicable laws and regulations, properly operates and manages the various information and information systems handled in the course of its business activities, and protects its information assets from external and internal risks.
Staff responsibilities
All staff who use the CTI Engineering Group’s information assets are fully aware of the seriousness of information risks and the importance of information security in their daily business activities.
Instruction of subcontractors
The CTI Engineering Group also instructs subcontractors who use the Group’s information assets on the proper operation and management of information assets and systems owned by the Group.
Responsibility structure and systems
The Representative Director and President, CEO, as the Chief Information Security Officer (CISO) of the CTI Engineering Group, guides the operation and management of information assets and systems. In addition, the Information Security Council is established in order to build a Group-wide information security system.
Implementation of training
The CTI Engineering Group improves information security literacy by providing information security training to staff and related personnel who handle the Group’s information assets so that they are able to respond to changes in the information environment. We also recommend information security training to our subcontractors.
Practice of the PDCA cycle
The CTI Engineering Group evaluates the implementation of information security measures and new risks, etc., reviews the operation and protection of information assets and information systems as well as the structures for their management when appropriate, and also reviews the CTI Engineering Group Information Security Policy on an as-needed basis.
Tatsuya Nishimura, Representative Director and President, CEO
Information security measures
Membership in the Japan CSIRT Association (NCA: Nippon CSIRT Association)
We are pleased to announce that CTI Engineering Co., Ltd.'s official membership in the Nippon CSIRT Association (NCA) was approved on October 1, 2025.
Sharing information and collaborating with member organizations within the NCA will enable us to respond swiftly to domestic and international cyber threats. In addition, we will incorporate security-related operational expertise and best practices to further enhance the security and reliability of our service offerings.
Overview of our CSIRT structure
| CTI-CSIRT | |
| Name of member organization | CTI Engineering Co., Ltd. |
| Member since | October 1, 2025 |
| Main activities |
|