Information Security Management System (ISMS) Policy

As a premier business unit in document management, Ricoh (Malaysia) Sdn. Bhd. is committed to achieve and maintain excellence in customer Satisfaction and long-term relationship with our business partners.

We recognize the value of all information assets, including those of special interest groups i.e our employees, customers, partners, suppliers and authority.

For this purpose, we will establish an information security management System to maintain the trust and confidence of all stake holders.

Based on this management system, we will maintain and enhance our Corporate ethics efforts concerning legal compliance, business continuity and further ensure the integrity and trustworthy of our role in the global Information society.

Action Guideline:
  1. Build the information security management system to secure the confidentiality, Integrity, and availability of the information for daily operations.
  2. Create awareness to all our employee through appropriate education and trainings.
  3. All staffs are required to fully abide by the regulations of this information security management system, and corrective measures are to be deployed in case of violation.
  4. Continuous improvement on effectiveness of our integration management system, products, and services quality.
  5. Develop and maintain a BCP throughout the organization to address the information security requirements and to secure business continuation in the event of major business disruption.

INFORMATION SECURITY OBJECTIVES

With regards to the security policy, RMS defines the following security objectives to provide measurements for overall effectiveness of ISMS:

  • No security incidents results in undermining trustworthiness of RMS to global information society.
  • Security incidents shall be targeted at less than the average of 3 preceding fiscal years.
  • Security awareness communication shall take place at least 2 times per year.
  • Mission critical processes in RMS are to be resumed in 24 hours in case of disaster.

Definition of impact from security incidents are defined in Security Incident Management Procedure.

Mission critical processes are identified through business impact analysis, which incorporated in Business Continuity Management Procedure.

Personal Data Protection Act, 2010

We at Ricoh (Malaysia) Sdn. Bhd. (10078-W) (“RMS”) recognize the importance of protecting your personal information and are committed to the compliance of Personal Data Protection Act, 2010 (“PDPA”).

Information Security Policy is instituted to define the basic requirements for the establishment, implementation, maintenance and improvement of the Information Security Management System (ISMS) in RMS, including the security measures of all personal data during the collection to destruction cycle

We may keep your personal data on our data base in order that we may serve you better. But we also know how important it is to you. We are therefore committed to keep your personal data safe and in accordance with the PDPA. For further information, please click the notice (English) / notice (BM) for further information.

Thank you.

 

The Management
Ricoh Malaysia Sdn Bhd