Governance | Initiatives for reinforcement of information security
Shareholders and investors have made the effective functioning of internal control into a key issue amidst an epidemic of corporate misconduct in Japan and overseas. In this section, Capcom will explain the corporate governance structure and systems that it has initiated so far based on the key concepts of “effectiveness and visibility” in terms of the results of third party assessment.
(Assessment areas are highlighted in yellow.)
Capcom Corporate Governance Guidelines (December 16, 2021)
Corporate Governance Report (December 16, 2021)
Initiatives for reinforcement of information security
Measures against various cyber risks both in Japan and overseas, including the prevention of information leaks and compliance with the E.U.’s General Data Protection Regulation (GDPR), have become crucial in light of the importance of personal information management systems, etc., in recent years. As a part of these measures, the Company is striving to reinforce its information security system by such means as securing and developing human resources with expert knowledge, conducting thorough in-house training and performing regular checks, in order to prevent malfunction and disruption of information systems caused by cyberattacks from outside the organization, such as from computer viruses and unauthorized access.
However, despite these efforts, a cyber-attack against the Company involving unauthorized access was detected in November 2020 and it was revealed that personal and corporate information had been compromised. In response to this situation, the Company has conducted an investigation on the unauthorized access and information leak with the cooperation of external specialist companies, established an advisory body consisting of outside experts, the Information Technology Security Oversight Committee, and with its guidance and advice has taken various measures to enhance security aimed at preventing the recurrence of any such incident.
Going forward, the Company will continue to make efforts to further enhance its operation and oversight functions and information security on an ongoing basis with the cooperation of the Committee.