Information Security

Our Approach and Management System for Information Security and Customer Information Protection

With unauthorized access to information via the Internet as well as cyber-attacks increasing daily and becoming more sophisticated, the Fuyo Lease Group recognizes that information security risks are an important management issue. The Group has established an information management system based on work content, and strictly manages customer information.

In order to establish a strict information management system for the entire Group, data is strictly controlled by our information security manager in accordance with detailed rules, including the Confidential Information Management Rule. Additionally, each employee is thoroughly informed of the Appropriate Information Management section included in the Code of Corporate Conduct as well as the Privacy Policy, and we have implemented level-specific information security training programs. Furthermore, the internal audit division conducts regular audits on information security.

Initiatives to Information Security and Customer Information Protection

To appropriately protect customer information, when outsourcing work, we impose confidentiality obligations on outsourcers, and when obtaining personal information from individual customers, we always give notice of the purpose of use in accordance with the Act on the Protection of Personal Information and its guidelines. In addition, our rules and regulations subject to disciplinary action under the rules of employment include rules and regulations that concern information security, and we make efforts to prevent violations. Furthermore, to maintain our information security system, once a year, we confirm procedures that are not only conducted under regular circumstances but also those in which we assume emergency situations in response to incidents such as cyber-attacks and natural disasters.

Also, training is provided for each level of employment so that each employee can recognize the importance of information security and manage information appropriately. In fiscal 2022, we conducted training on confidential information management and personal information protection for first-year employees in the generalist track.

In fiscal 2022, there were minor issues, such as wrong email transmissions and incorrect delivery of mail, but there were no incidents, such as violations of laws and regulations concerning information security, and there were no related sanctions.

In response to each customer segment and the work being handled, the following group companies have acquired the Privacy MarkGlossarybusiness operators who have been deemed appropriate for the handling of personal information, and ISO27001 certificationGlossary, which is a global standard for information security management systems. By continuously improving our management systems based on these standards, we are working to further improve reliability.

Sharp Finance

Sharp Finance is a leasing company that has its strengths in the retail market for small retail leasing, such as developing vendor leasing in collaboration with dealers for small- and medium-sized enterprises.
Since 2006, the company has been granted the Privacy Mark by JIPDEC.

Privacy Mark Registration Certificate

Accretive

Accretive provides solution services such as financial services and accounting administration. In March 2006, it acquired ISO27001 certification for the entire company.

ISO27001 Management System Registration Certificate

INVOICE

INVOICE's offerings include business customers integrated billing services that help reduce costs and improve productivity, and Internet services for residential buildings for individual customers.
Since 2008, the company has been granted the Privacy Mark by JIPDEC.

Privacy Mark Registration Certificate

NOC Outsourcing & Consulting

NOC Outsourcing & Consulting handles a wide range of business outsourcing such as back office services (accounting, HR and payroll, general affairs, sales administration), IT services, personnel services.
In 1998, NOC Outsourcing & Consulting was granted the Privacy Mark by JIPDEC first in Japan. Furthermore, in February 2006, it acquired ISO27001 certification for the Information Systems Department, Business Headquarters.

Privacy Mark Registration Certificate

ISO27001 Management System Registration Certificate

WorkVision

WorkVision provides a full range of IT solutions centered on cloud services and package services that cover planning, development and sales to operation, maintenance and other services.
In 2005, it was granted the Privacy Mark by JIPDEC and in 2007, it acquired ISO 27001 certification for the entire company.

Privacy Mark Registration Certificate

ISO 27001 Management System Registration Certificate

FGL Techno-Solutions

FGL Techno-Solutions provides equipment sales, outsourcing helpdesk services, kitting, construction, and other technical services in ICT-related fields. In June 2022 it received ISO 20000 and ISO 27001 certification for its departments that provide systems and operations management services for customers.
Other registration certificates will be posted once organizational restructuring has been completed.

ISO 20000 and ISO27001 Management System Registration Certificates

FGL Circular Network

FGL Circular Network purchases and sells property of Fuyo Lease whose leases are up and used property owned by customers. The company has acquired ISO 27001 certification for its Hachioji Technical Center, which carries out reuse and recycling of such property.

ISO 27001 Management System Registration Certificate

Glossary

Privacy Mark

The Privacy Mark is given to business operators that handle personal information appropriately by conforming to the standards set in the Japanese Industrial Standard of JIS Q 15001: 2017 Personal Information Protection Management System - Requirements.

ISO27001

ISO27001 is a global standard for the specification of information security management systems established by the International Organization for Standardization.

ISO20000

ISO 20000 is a global standard for the specification of IT service management systems established by the International Organization for Standardization.