Basic Policy on Information Security

Inti Inc. (hereinafter, the “Inti”) provides advertising agency services, marketing, and sales promotion to clients targeting foreign residents in Japan, with the goal of becoming a permanent partner in solving clients’ problems and leading their businesses to success in terms of customer development and market growth. We consider information security to be one of the most crucial challenges in the regular and smooth operation of our business activities. Therefore, we have established this Basic Policy on Information Security and will continue to build, implement, maintain, and continuously improve an information security management system (“ISMS”).

1. Definition of Information Security
Information security is defined as the successful maintenance of information assets while ensuring their confidentiality, integrity, and availability.

2. Objectives of Information Security
Inti aims to adequately protect information assets from a wide range of possible intentional, accidental, or environmental (natural) threats and considers information assets to be the most important thing to protect in our advertising agency services, marketing, sales promotion, and other business activities.

3. Scope
The scope of application shall include all information assets under the control of Inti.

4. Basic Policy
(1) Establish the ISMS Basic Policy and Information Security Objectives to reduce information assets risks to acceptable levels as a company. Develop, implement, evaluate, analyze and continuously improve an ISMS plan based on this policy.
(2) Clearly identify and comply with information security measures required by law and the information security obligations under the company’s business contracts in conjunction with the ISMS. However, if the law requires the information to be disclosed, disclose the minimum necessary information with the approval of the information management officer.
(3) Implement an organizational structure for information security necessary to build and maintain an ISMS and establish an information security education and training system to improve the risk management environment for information assets and employees’ awareness of information security. In doing so, the management will provide adequate resources to manage such efforts. Furthermore, an information management officer shall be delegated the responsibility and authority to implement, maintain, and improve the ISMS.
(4) Set up criteria for assessing risks, establish risk management procedures, and perform risk assessments for information assets. The risk management procedures will set the criteria for evaluating risks while the management will determine the acceptable risk levels.

August 31ˢᵗ, 2022

Takayuki Inoue
CEO of Inti, Inc.