Our Approach

Recognizing the importance of information security in corporate risk management, in April 2024 we reorganized the Information Security Committee as an independent, cross‑Group committee, separating it from the ESG management structure.
The Committee reviews and evaluates whether the initiatives implemented by each Group company contribute to strengthening the KPP Group’s overall information security capabilities and reducing vulnerabilities. It also promotes the sharing of information security incident cases among Group companies and operates the PDCA cycle to ensure the systematic implementation of improvement plans and employee education.
In January 2025, we distributed an Information Security Guidebook for employees that clearly explains the global information security management regulations applicable to all Group companies. Through this initiative, we are raising awareness of countermeasures not only at the organizational level but also at the individual employee level.

While advances in IT technology bring significant benefits to our business, attacks on information systems and methods for stealing corporate data are becoming increasingly sophisticated and diverse. Addressing these threats is one of the critical foundations and initiatives for promoting DX and achieving future growth, and we are therefore committed to further enhancing our information security framework.

Metrics and Targets

Our goal for FY2030

 Visualization of the level of improvement in security literacy through the assessment of information security maturity across the KPP Group, and continuous improvement and training based on Group regulations
Initiatives in FY2025

●Survey on the level of awareness of the Group Information Security Regulations and the Information Security Guidebook
●Quarterly meetings among Group IT departments, including security initiatives
・Sharing information on the latest threats and discussing countermeasures
・Promoting security awareness and knowledge assessments for Group employees
・Reviewing measures to enhance role‑based security management requirements
Initiatives in FY2026

●Implementation of measures to enhance awareness of the Group Information Security Regulations and the Information Security Guidebook
●Quarterly meetings among Group IT departments, including security initiatives
・Sharing information on the latest threats and discussing countermeasures
・Analyzing the results of security awareness and knowledge assessments for Group employees and identifying key issues
・Formulating plans to enhance role‑based security management requirements

Initiatives in FY2027

●Operating the PDCA cycle to further enhance awareness of the Group Information Security Regulations and the Information Security Guidebook
●Quarterly meetings among Group IT departments, including security initiatives
・Sharing information on the latest threats and discussing countermeasures
・Implementing measures to strengthen security literacy for Group employees
・Implementing measures to enhance role‑based security management requirements