Basic Policy on Information Security

Kyocera Communication Systems Co., Ltd., (hereinafter the "Company") holds the management philosophy, "the Company aims to pursue the happiness both physical and spiritual of all employees, and, at the same time, to contribute to the advancement of society and humankind" through the business of the Company. Under this management philosophy, the Company has been aware of the importance of information security from early on, and has been making efforts to establish an information security management system that aims to reconcile two objectives of "safeguard information assets," and "active use of information on the assumption of information sharing." Then the Company has established the Information Security Policy that can be a guidance in making these efforts, under which it is working on proper operation and continuous improvement of the Information Security Management System. We hereby declare that we will fulfill the responsibilities as a member of society by understanding and complying with the Information Security Policy.

1. Protection of information assets

In order to protect information assets from disclosure, alteration, or destruction, the Company conducts the risk assessment in the whole organization and, based on the result, responds to the risks.
The Company aims to improve the level of management of information assets by continuing this activity.

2. Ensuring safety and convenience of information systems.

The Company will make efforts to secure and maintain the confidentiality, availability, and integrity of information so that it can actively use and share information with keeping the safety and reliability of information systems.

3. Establishment of information security management system

The Company establishes the Information Security Management Commitee and KCCS-CSIRT to protect the information and ensure the safety and convenience of information systems.
At the same time, the Company strives to prevent the occurrence of information security incidents.

4. Implementation of information security education.

In order for the employees to be able to understand the social responsibility to properly handle information assets and improve awareness of information security, the Company will continuously conduct necessary education.

5. Compliance

The Company will promote the information security measures by having employees comply with all laws and regulations, and internal rules concerning information security.

Date of Enactment : March 31, 2006
Date of Latest Revision : February 1, 2018