Shareholders and investors have made the practical and effective functioning of internal control into a key issue amidst an epidemic of corporate misconduct in Japan and overseas. In this section, Capcom will explain the corporate governance structure and systems that it has initiated so far based on the key concepts of "effectiveness and visibility" in terms of the results of third party assessment.
(Assessment areas are highlighted in yellow.)
Capcom's basic policy for Japan's Corporate Governance Code (PDF: 564KB/36 pages)
- Structure and
- External Directors
- Information on Shareholdings
- Internal Control
- Information Security
Information Security Initiatives
Building Mechanisms for the Appropriate Protection of Information Assets
As a company primarily engaged in the planning and development of software, Capcom is an environment where the latest information technology is always in use. Compared to companies in other lines of business, we face relatively high information security risks.
Accordingly, to protect Capcom's information assets from a variety of threats and maintain an information security policy appropriate for a corporation trusted by society, we publish internal information regulatory guidelines, including Basic Security Policies, System Usage Policies and Basic Disclosure Policies.
We use a firewall to protect us from external attacks via the Internet, and each of our internal systems utilizes unique IDs, passwords and encryption to reduce the risk of unwelcome intruders.
Furthermore, in order to bolster information security we have been implementing the following four measures to prevent information leaks over the past few years: the (1) identification of information leak risks, (2) creation of an early response structure to respond to information leaks, (3) establishment of a response process to minimize damage in event information is leaked and (4) implementation of regular security training.
Moreover, to prevent the remote takeover of computers and other cyber-attacks that are on the rise recently, we constantly monitor for suspicious communications with external networks and implement virus and unauthorized software detection on computers issued to employees.