Information Security Policy
ChiaroShield Consulting (hereinafter "we" or "our practice") provides consulting services in IT, security, and governance. We recognize the information assets entrusted to us by clients, as well as the information assets held by our practice, as important business resources. To protect these assets appropriately, we establish the following Information Security Policy.
Effective date: June 19, 2026
1. Protection of Information Assets
We implement appropriate controls according to our business activities and associated risks in order to maintain the confidentiality, integrity, and availability of the information assets we handle.
2. Compliance with Legal and Contractual Requirements
We comply with laws, regulations, contractual obligations, and agreements with clients related to information security.
3. Information Security Management
The principal consultant is responsible for information security management. We continuously manage information assets required for our business, including access control, authentication management, subcontractor management, and appropriate checks when using cloud services.
4. Awareness and Continuous Learning
We maintain and improve our knowledge and awareness of information security by continuously reviewing current threats, vulnerabilities, relevant guidelines, and industry practices, and by reflecting them in our work.
5. Incident Response
If an information security incident, or a potential incident, is identified, we will assess the scope of impact and promptly take necessary actions to prevent escalation, investigate the cause, prevent recurrence, and report to clients and relevant parties as appropriate.
6. Continuous Improvement
We periodically review this policy and our information security measures in light of changes in our business environment, technology, and threat landscape, and we work to improve them continuously.
7. Business Information
- Business Name
- ChiaroShield Consulting
- Location
- Ota, Tokyo, Japan
- Principal
- Masahiro Umezawa