Home > Sustainability > CSR Management > Information Security

Print

Sustainability
Management Initiatives Aiming to be a Company that Empowers People and Society

Information Security

Information Security Policy

Amid the rapid advancement of Internet-based advanced Information telecommunications network society (hereinafter referred to as "IT Society"), convenience of economic society has been elevated with far more speed than we expected. On the other hand, new problems including the leakage of personal Information have surfaced, and it is demanded in all areas of the society to appropriately respond to create a robust IT Society.

In this environment, the Rakuten Group, which is providing a wide range of services from EC to financial services over the Internet, shall recognize Information Assets consisting of both various information including personal Information of its users and Information System of hardware and software is indispensable for implementing business activities of Rakuten Group as well as further strengthen all Information Security measures, through emphasizing ensuring of the Information Security by appropriate protection and management of these Information Assets, at one of the highest management issues.

Therefore, the Group shall establish Information Security Management System, in which all related persons participate, through the following items, and continues its tireless efforts to ensure Information Security.

  1. Establishment of the Information Security Management System
    To build an Information Security Management System under a management-team initiative and strive to enhance and maintain Information Security.
  2. Appropriate management of Information Assets
    To recognize the importance of Information Assets held and evaluate risks and properly manage these assets.
  3. Establishing Regulations, etc. for ensuring Information Security
    To establish Regulations, etc. for ensuring Information Security, and thoroughly extend these through all related persons.
  4. Compliance with laws and norms
    To be compliant with laws and norms related to Information Security.
  5. Continuous improvement
    To implement audits on a regular basis and continuously improve the Information Security Management System.

Initiatives for Information Security Enhancement

  1. Our effort with ISO/IEC 27001
    ISO/IEC 27001 ISMS Certification is accredited to the organization that is compliant with international standard of Information Security Management System (ISMS). We aim to maintain the confidentiality, integrity and availability of information assets by constructing, operating, and continuously improving Information Security Management System (ISMS) to manage various risks such as the loss and falsification of information assets and service outage.
    After Rakuten Ichiba accredited the certificate first time in November 2006, Rakuten Group broadened the ISMS scope to the whole company in March 2007. Currently, 20 companies of Rakuten Group have accredited with ISO/IEC 27001 and giving more effort for ensuring Information Security.
    • Rakuten, Inc.
    • Target, Inc.
    • Rakuten Auction, Inc.
    • Signature Japan Co., Ltd.
    • Rakuten Travel, Inc.
    • Rakuten Bus Services Inc.
    • Rakuten Baseball, Inc.
    • Fine Trading Co., Ltd.
    • Rakuten ANA Travel Online Co., Ltd.
    • Keiba Mall, Inc.
    • Rakuten Socio business, Inc.
    • Rakuten Research, Inc.
    • RakutenCard Co., Ltd.
    • Rakuten ShowTime,Inc.
    • Rakuten Shigoto Shoukai, Inc.
    • Rakuten Logistics, Inc.
    • LINKSHARE JAPAN K.K.
    • TicketStar Inc.
    • Rakuten EMOBILE, Inc.
    • Rakuten Mart, Inc.
  2. Privacy Mark Certification
    The Privacy Mark Certification is accredited businesses that have established systems for appropriately protecting personal information in accordance with the Japanese Industrial Standard "Personal information protection management systems - Requirements (JIS Q 15001)". The certified organizations are permitted to use the Privacy Mark in the connection with business activities. The following seven companies in the Rakuten Group have received Privacy Mark certification.
    • Rakuten Bank, Ltd.
    • Rakuten Securities, Inc.
    • FUSION COMMUNICATIONS CORPORATION
    • O-net, Inc.
    • Rakuten Research, Inc.
    • Rakuten Edy, Inc.

Page top