Fuji Xerox and 33 Domestic Sales
Subsidiaries Attain Information
Security Management Systems Certification (ISMS)
October 5, 2005
| Fuji Xerox Co., Ltd. and 33Note1
of its domestic sales subsidiaries attained the international
qualification BS7799-2:2002Note2
and the Japanese qualification ISMS Certification Criteria
(Ver 2.0)Note3 for its information
security management systems on September 29, 2005,. All business
processesNote4 executed at Fuji Xerox's sales subsidiaries
in Japan have been certified. |
| With the objective of boosting auditing
quality, Fuji Xerox audited all 645 of its domestic sales
departments as well as all personnel, approximately 16,500Note5,
engaged in work in these departments. |
| Utilizing the Enterprise Architecture (EA)
framework promoted by the Ministry of Economy, Trade and Industry,
Fuji Xerox developed propriety risk assessment techniques.
Further, the creation of an implementation plan and an independent
operational system within a six-month period facilitated the
swift attainment of the certifications. |
| Additionally, Fuji Xerox provided education
for 662 internal auditors so that the company could operate
under an integrated auditing system. This purpose of this
move was to enhance information security management. Meanwhile,
"information security disciplinarians" have been
assigned to each department to advance activities aimed at
continually improving information security at the sales frontline.
A support system using the Internet and a monitoring system
are employed as aids. |
| Going forward, Fuji Xerox plans to provide
information security management solutions to its customers
as part of an internal control package. It aims to accomplish
this by leveraging its recently developed techniques and systems,
and by using its own document technology to effectively analyze
and assess the condition of a customer's information security.
|
|
Note1
|
Of Fuji Xerox's 34 domestic sales
subsidiaries, Chiba Xerox Co., Ltd. had already attained the
certification. |
| Note2 |
Accreditation standards by The
United Kingdom Accreditation Service (UKAS). |
| Note3 |
Accreditation standards by the
judicial foundation, Japan Information Processing Development
Corporation. |
| Note4 |
Plans are in place to attain the
certification at Headquarters, R&D departments and manufacturing
departments, among others, in the future. |
| Note5 |
All personnel engaged in business
processes, including dispatched workers. |
| [ Principal Information Security Activities
Until Now ] |
| * |
Formulated information security regulations in 1999. |
| * |
Developed information infrastructure base Xnet based on Public
Key Infrastructure (PKI) technology. Fuji Xerox was the first
in the industry to attain ISMS certification in May 2002. |
| Company |
:
|
Fuji Xerox and domestic sales
subsidiaries |
| Location |
:
|
2-17-22 Akasaka, Minato-ku
Tokyo 107-0052 |
| Certification |
:
|
BS7799-2:2002 and ISMS Certification
Criteria (Ver 2.0) |
| Registration number |
:
|
IC05J0097 |
| Scope of certification |
:
|
Sales activities and all business
processes related to customer information services at Fuji
Xerox Co., Ltd. (including sales subsidiaries) in Japan |
| Date of attainment |
:
|
September 29, 2005 |
|
|
