Information Security Statement
Effected: 1st June, 2005
Revised: 17th June, 2010
NEC Platform Technologies Hong Kong Limited (NEPT) has an ethical and legal obligation to contribute to society by offering better products and services, we consider it to be our duty to protect the information assets we keep for our customers and partners as well as our own information assets. The board and management of NEPT are committed to preserving the confidentiality, integrity and availability of such information assets throughout its organization. To achieve this, NEPT declares the adoption of this information security statement and its implementation, formulates the Information Security Policy which is the embodiment of the statement, and enforces their compliance to all the staff of NEPT, including management, employees and third parties, who work for NEPT.
- NEPT makes efforts to maintain an information security management system and to control its information assets appropriately.
- NEPT builds up its internal rules and regulations (the Information Security Policy) so that they are in line with this statement.
- NEPT continuously offers the training that is necessary to maintain information security to all management, employees and third parties, who work for NEPT.
- NEPT implements human, organizational, and technological security controls to protect its information assets from unauthorized access, leakage, modification, theft/loss, denial of service attacks, or any other threat.
- NEPT makes efforts to rapidly locate the root cause, keep damage to a minimum and prevent the recurrence if an incident posing a threat to information assets should occur.
- NEPT complies with the laws and regulations as well as the national guidelines, the social standards and norms related to information security.
- NEPT continuously reviews and improves those activities listed above.
Please note that security management is the responsibility of all the staff, not just those people filling roles with specific security duties. The requirements described in the Information Security Policy have been decided after careful consideration of our legal and ethical obligations to the Government, citizens and to the staff. I expect all the staff to follow them. If, for any reason, they cannot be complied with a concession must be applied for through the Chairperson of the Information Security Committee.
These policies are in effect from 1st June, 2005.