Information Security Principle

Last revised: 11 August 2021

Each entity in the Deloitte Tohmatsu Group has been arranged efforts for its information security management system as one of the critical items of its business activities, and is aware of necessity and materiality of protecting client and Deloitte information (including personal information, hereinafter referred to as "Information”.) handled in the business activities. Each entity in the Deloitte Tohmatsu Group shall ensure the protection of Information by establishing the principle related to information security, by familiarizing all Partners, Employees, and, where relevant, Third Party contractors who are involved in business activities and handling Information with the principle as well as by complying with the principle.

Deloitte Tohmatsu Group is a collective term that refers to Deloitte Tohmatsu LLC, which is the Member of Deloitte Asia Pacific Limited and of the Deloitte Network in Japan, and firms affiliated with Deloitte Tohmatsu LLC that include Deloitte Touche Tohmatsu LLC, Deloitte Tohmatsu Consulting LLC, Deloitte Tohmatsu Financial Advisory LLC, Deloitte Tohmatsu Tax Co., DT Legal Japan, and Deloitte Tohmatsu Corporate Solutions LLC. Please click here for the list of entities comprising Deloitte Tohmatsu Group.

1. Each entity in the Deloitte Tohmatsu Group shall establish information security management system, which is intended to cover its information assets held and controlled in its business activities.

2. Each entity in the Deloitte Tohmatsu Group shall take controls to adequately protect information assets that the entity from the threats against confidentiality, integrity and availability.

3. Each entity in the Deloitte Tohmatsu Group shall comply with the laws, regulations and contracts related to information handling.

4. Each entity in the Deloitte Tohmatsu Group shall make awareness of importance of information security, increase awareness for adequate information handling, and continuously implement information security-related trainings for its partners and staffs.

5. Each entity in the Deloitte Tohmatsu Group shall make its effort to prevent information security incident (including information leakage, theft, loss, and alteration). If any incident occurred, we shall promptly respond in accordance with the procedures prescribed by Deloitte Tohmatsu Group, minimize the damage and take preventive actions.

6. Each entity in the Deloitte Tohmatsu Group shall regularly review and continuously improve its information security management system and its information security efforts to correspond changes in the information security environment.

 

Takashi Nagata
Deloitte Tohmatsu Group CEO

* Deloitte Tohmatsu Group has been certified for ISO / IEC 27001, an information security management standard, since May 2017.