Sony Assurance Becomes First Japanese Non-Life Insurer to Receive Companywide ISO 27001 Information Security Management System Certification
June 28, 2007
Sony Assurance, a wholly-owned subsidiary of Sony Financial Holdings, today announced that on June 20, 2007, it received companywide certification under the JIS Q 27001:2006 (ISO/IEC 27001:2005), or ISO 27001, international standard for information security management systems. As a result, Sony Assurance became Japan's first non-life insurer to receive such accreditation on a companywide basis*.
Keenly aware of the importance of managing strictly such information assets as customers' personal information, Sony Assurance has endeavored to establish a strong security management system. As a result, on May 27, 2005, Sony Assurance became Japan's first non-life insurer to be accredited according to Information Security Management Systems (ISMS) certification criteria (Ver. 2.0) and BS7799-Part 2:2002 for planning and establishing operational and intra-company systems at headquarters divisions handling direct sales of insurance products.
As the former certification standards shifted to ISO and JIS, Sony Assurance worked to adjust its former certification to the JIS Q 27001:2006 (ISO/IEC 27001: 2005) standards and expand its certification to a companywide basis, resulting in the current ISO 27001 certification.
Going forward, Sony Assurance aims to continue earning the trust of its customers by enhancing its information security management.
*Based on Sony Assurance's findings as of June 20, 2007. The search excludes insurers that do not disclose their receipt of certification.
Note: This is an English-language summary of a Japanese announcement made by Sony Assurance on June 28, 2007. The summary was prepared by Sony Financial Holdings Inc. solely for the convenience of non-Japanese readers.
