The Bandai Namco Group has established the Group Risk Compliance Committee, chaired by the President and Representative Director of Bandai Namco Holdings Inc. The committee’s members include full-time directors and it has a secretariat. With this organization in charge, we have strengthened Groupwide risk management and put into place a system to respond to crises. Within this framework, we are working to strengthen compliance, prevent compliance violations, and enhance information security.
Approach to Information Security
The Bandai Namco Group recognizes that its initiatives for information security represent an important element of the Group’s business execution. We are working to safeguard our information assets while also taking into account changes in the legal and social situations.
We are working to prevent incidents by implementing appropriate information security countermeasures based on the value of our information assets pursuant to the Group Information Security Management Rules compliant with laws, regulations, and other rules. Maintaining and strengthening our information security system is considered a companywide action as part of our daily management and operating activities rather than the responsibility of individual organizations in charge. With this in mind, we strive for continuous improvement.
At each Group company, the President and Representative Director appoints a Chief Information Security Officer (CISO) as the ultimate person responsible for information security.
Group Information Security System
Main Roles of the Group Information Security Committee
- Gather and analyze information on the Group’s information security system as well as plan and propose improvements.
- Review the Group’s rules and regulations on its information security system.
- Training of the Group’s officers and employees, as well as monitoring and assistance for awareness-raising activities
- Monitoring and assistance for the Group’s information security activities
- Planning and monitoring of measures to prevent information security incidents
- Information-related collaboration inside and outside the Group as the Group’s CSIRT
Main Roles of Bandai Namco Holdings and Group Companies
- Each company establishes its own information security system
- Each company reviews and implements its own information security measures
- Execute Groupwide information security measures and report to the Group Information Security Committee
CSIRT stands for Computer Security Incident Response Team; an organization that implements information security countermeasures.
Response to Information Security Risks or Crises
In case of an information security-related contingency, the Group CISO will convene a meeting of the Group Information Security Committee to immediately implement necessary countermeasures and respond following the Group Risk and Compliance Rules along with operational rules and guidelines.
Workflow of Response to Information Security Risks or Crises
Management of Personal Information
On occasion, the services provided by the Bandai Namco Group require that we obtain customers’ personal information. To ensure that we carefully manage this personal information, we maintain a Groupwide personal information management system compliant with the privacy laws of the countries where we operate. Additionally, the Personal Information Protection Guidelines set forth the appropriate handling of personal information, including the acquisition of only the minimal information necessary, optimization of access rights, and deletion of information after the purpose of use has been achieved. We obtain and handle customers’ personal information carefully following these guidelines after disclosing the purpose of use in advance. At the same time, we have established a companywide personal information management ledger to visualize processes from acquisition to deletion.
The Group’s Personal Information Management System
|The Chief Administrator of Personal Information Protection (CPO)
|Personal Information Protection Management Office
|Administrator of Personal Information Protection for Each Department
Information Security Training
The Bandai Namco Group educates all employees about the importance of information security in their duties. We also make the Group Information Security Management Rules known to all to ensure information assets are managed and used appropriately. In addition, we provide training on information security to all Group employees in Japan and abroad using such formats as e-learning and seminars.