Appointment of CISO and information security organization

Purchase of information security breach insurance

E-commerce liability insurance Personal information security liability insurance

Annual review of information security laws and revisions (Maintenance of currency)

Internal activities

Drafting and execution of information security plans Security reviews of new systems and environment changes Information security consulting and internal security audits (Check-ups for security weaknesses from legal / managerial / technical / physical perspective) Operations and regular check-ups of information system (including information security system) Training for information security awareness (Employees) Annual drills to train for intrusions and disasters

External activities

Response to personal information management review in financial services sector Response to individual inspections of financial service providers Inspections of outside partners for management of personal information