Information Security Policy

Last revised: 30 June 2022

Deloitte Tohmatsu Group is one of the largest professional services groups in Japan and aim to provide value to society, clients and talent under the management philosophy of “Fairness to Society”, “Innovation for Clients” and “Talent of People”. Deloitte Tohmatsu Group recognizes that protecting confidential information and other information assets provided in the course of business from threats such as loss, falsification, leakage, and unauthorized use is essential for the continuous and stable growth of its business activities. Accordingly, Deloitte Tohmatsu Group has positioned information security as one of the most important management priorities. In addition to applying cutting-edge technologies based on the standards of Deloitte, the global network, to the information system environment, each Deloitte Tohmatsu Group entity (Including Deloitte Tohmatsu LLC, Deloitte Touche Tohmatsu LLC, Deloitte Tohmatsu Consulting LLC, Deloitte Tohmatsu Financial Advisory LLC, Deloitte Tohmatsu Tax Co., and DT Legal Japan) has established the following policies on information security, which are thoroughly disseminated to all persons handling information. By so doing, we will achieve our management philosophy while maintaining and improving the trust of each stakeholder.

1. Each entity in the Deloitte Tohmatsu Group shall establish information security management structure, which is intended to cover its information assets held and managed in its business activities.

2. Each entity in the Deloitte Tohmatsu Group shall take controls to adequately protect information assets that the entity from the threats against confidentiality, integrity and availability.

3. Each entity in the Deloitte Tohmatsu Group shall comply with the laws, regulations and contracts related to information handling.

4. Each entity in the Deloitte Tohmatsu Group shall make awareness of importance of information security, increase awareness for adequate information handling, and continuously implement information security-related trainings for its partners and staffs.

5. Each entity in the Deloitte Tohmatsu Group shall make its effort to prevent information security incident (including information leakage, theft, loss, and alteration). If any incident occurred, we shall promptly respond in accordance with the procedures prescribed by Deloitte Tohmatsu Group, minimize the damage and take preventive actions.

6. Each entity in the Deloitte Tohmatsu Group shall regularly review and continuously improve its information security management system and its information security efforts to manage security risks associating with the changes of information technology as well as to address the legal and regulatory changes and new guidances established by the government.

 

Kenichi Kimura
Deloitte Tohmatsu Group CEO

* Deloitte Tohmatsu Group has been certified for ISO / IEC 27001, an information security management standard, since May 2017.