Sustainability | GovernanceBasic Policy on Information Security

Basic Policy on Information Security

General Direction

This Policy shall apply to the TDK Group.
The TDK Group shall work on maintenance and enhancement of the security of information, recognizing that it is indispensable to secure personal information and trade secrets (including information on or received from customers) appropriately, and ensure the correctness and accuracy of financial information as well as business continuity in order for us to make ourselves highly reliable and more satisfactory to our stakeholders.
We all shall execute the following seven actions as the concrete guidelines of actions.

Action Guidelines

  1. Observance of Laws and Regulations
    In the handling of information, we shall observe laws and regulations concerning “the prevention of alteration, leakage, unauthorized access, and unlawful use of information, ” “requiring reliability of information and correctness in disclosure,” and “protecting personal information,” and “business requirements including terms and conditions of contracts with customers” in the respective countries and regions.
  2. Information Security Management System
    We shall establish a system to manage and govern information security organically and define its role and responsibility.
  3. Implementation of Measures for Risk Management
    We shall find out threats and vulnerability in light of confidentiality, completeness, and availability and implement sufficient measures in response to the risks. In addition, we shall make sure to implement the measures for information security with the company regulations set in accordance with this Policy.
  4. Provision of Resources
    The management shall provide management resources necessary to execute this Policy.
  5. Continuous Improvement of Information Security
    We all shall endeavor to continue to improve the information security in response to changes in risks arising from transformation in internal and external circumstances.
  6. Strict Actions
    Should there be a violation of this Policy or the company regulations, the management shall take a strict action in accordance with the Code of Conduct and the Work Rules.
  7. Dealing with incidents and accidents
    Should there be an incident and accident related to the information security, we shall endeavor to take an appropriate action and work to prevent a recurrence.

Established July 1, 2005
Revised on January 1, 2025
Noboru Saito
President & CEO
TDK Corporation