Information Security Basic Policy [ISO/IEC 27001]

AGENCIA Corporation considers information security to be the foundation that supports the reliability of corporate activities in all areas of IT-based problem solving and an indispensable foundation for business operations.
We recognize that the protection of all information assets, including information assets entrusted to us by our customers and business partners, as well as our own intellectual property and business information, is the key to maintaining and improving corporate value.
Therefore, while we strive to maximize business results by improving operational efficiency and reducing costs, we also place the development of an information security management system (ISMS) at the core of our management and make it a pillar of our corporate philosophy to ensure its continuous and effective operation.
In addition, our information security efforts are not merely a risk countermeasure, but also an action based on corporate ethics as part of our social responsibility, and we aim to ensure that all executives and employees share this philosophy and reflect it in their daily business activities.

AGENCIA, Inc. shall implement organizational and technical control measures to prepare for all risks in order to maintain the confidentiality, integrity, and availability of the information assets it holds, and shall review them flexibly in response to changes in the environment and society.
We clearly define information security objectives and establish a cycle to regularly evaluate and verify whether these objectives are being achieved in actual operations, and to take remedial measures as necessary.
We will also comply with external requirements such as laws and regulations, guidelines, industry norms, and contractual obligations, and establish a compliance system integrated with internal rules.
We will continuously provide education and training optimized for each level of employees so that each employee deeply understands the importance of information security and acts with high ethical standards and a sense of responsibility.
Furthermore, we will continuously evaluate and review our rules and operational systems, led by the Information Security Committee, to ensure public trust and maintain and improve security quality.