Flow of ISMS endeavors

based on the PDCA cycle

Raise staff awareness　　

① Confirmation of work flow in relation to the transfer of mediaCreate a work flow for each activity based on media transfer surveys and ensure wide knowledge of actions in accordance with that flow.

⑥ Continued implementation of patrols of actual office buildingsImplemented year-round (spot checks)

③ Confirmation of standard of information security measures implemented by outside organizationsComprehensive explanation to organization in question, individual confirmation and instruction for rectification

② Ensuring knowledge of precautions for removing USB memory sticks and other external media from the premisesEnsure wide knowledge that external use is, in principle, prohibited, and of precautions when external use is unavoidable

④ Confirmation of implementation of information security measures by sub-contractors in consignment contractsConfirmation by check list for sub-contractors with large contract values

⑤ Improvement of security incident responsesIn the unlikely event of an incident, formulation of improvement measures following investigation of the cause and readjustment of work flow.

　　　　　　

En

ha

nce

me

nt

of

Ind

ivid

ua

l R

es

po

ns

es

to S

ec

uri

ty

En

ha

nce

me

nt

of

Ind

ivid

ua

l R

es

po

ns

es

to S

ec

uri

tyC

rea

tio

n a

nd

E

mp

lac

eme

nt

of

Sec

uri

ty S

yst

em

Cre

ati

on

an

d

Em

pla

cem

en

t o

f S

ecu

rity

Sy

ste

m

《 Aims for FY2008 》

② Obtaining of certification by all 56 elementary, junior high and special needs schools

① Maintenance of certification by all internal departments

⑤ Internal auditor trainingFor: Internal auditors (section managers)Regarding internal auditing procedures

Information Security MeasuresInformation Security Measures

⑥ Ensuring examples of information security incidents and prevention measures are widely known (distribution by e-mail)Year-round as required For: all staff

① Training of new staff(by HR Development Group)For: newly employed staffImportance of security, Ichikawa City’s ISMS initiatives, etc.

② Practical administrative work training(by HR Development Section)For: staff who applied for training

③ Training by external instructorsFor: Information security managers (section managers)

④ Risk assessment trainingFor: Information security managers and information security promotersRegarding assessment procedures for level of risk of information assets outflow

Maintenance by all departments of ISMS certification and obtaining of ISMS certification by all schools

Implement truly effective security measures

Secure management of information held by the CityGain the trust

of residents

Breakdown of schools: elementary – 39; junior high – 16; special needs – 1

In order to build a solid information security system, all departments within the organization have received information security management system (ISMS) certification under international standard ISO27001, and we are currently preparing for certification of all municipal elementary, junior high and schools for special needs children. ISMS raises information security through continuous improvement based on the PDCA cycle. In 2008, in addition to enhancing training to encourage even greater awareness among staff, a variety of security measures will be implemented to actually promote effectiveness in the work of each department for more effective information security measures.

3

2

Secure and assured continuation of business by the City

ObjectivesPrevention of information leakage from internal sources due to staff actions, or due to unauthorized access from the outside.

Consistent secure operation of the information system with no effect on residents’ lives

1

Plan Do Check Act• formulation of

basic policy• formulation of

training plan

• implement policy prescribed in the plan

• implement security measures prescribed in the ISMS standard

• internal audit• deliberation by

security committee• actual examination

by certifying body

FY2006: Obtained by all internal departments

• implement improvement measures based on inspection results《 2008

Projects 》

Since FY2007: Maintenance of certification by all departments

• First regional public body to obtain ISMS certification

• Although there are currently 13 regional public bodies across Japan that are certified, Ichikawa City is the only one in which all departments have gained certification.

Materials – 3

FY2007: Obtained by 20 schools

FY2008: Obtaining of certification by remaining 36 schools