Data Utilization & Security
Basic Approach
The Yamato Group stores and handles the important personal information of many customers. In order to continue operating our business sustainably in the future, we believe that it is essential to ensure information security. We are working to prevent the leakage of personal information by setting based on our Group Corporate Philosophy and Corporate Stance, which advocate the protection of personal information. Going forward, in addition to ensuring information security, we will also utilize big data obtained from vehicles nationwide to solve social issues and provide new value.
Main Targets of the Sustainable Medium-Term Plans 2023
- Develop an infrastructure for creating businesses that utilize data to resolve social issues
- Achieve zero serious information security incidents
- Ensure 100% deployment of information security managers
at major organizations and 100% implementation of training for information managers
For detailed targets and results, please refer to Sustainability Strategies, Goals and Results.
Promotion Structure
In order to ensure information security, the Yamato Group has established a system to continuously supervise and handle information security-related matters, led by the Compliance and Risk Committee, chaired by the officer responsible for compliance and risk management. The Yamato Group business divisions that handle confidential information most frequently have also acquired ISO 27001 (ISMS) certifications.
For details of ISO 27001 certification status, please refer to ESG data.
Policies on Data Utilization and Security
As a custodian of customers' personal information, the Yamato Group considers it its social responsibility to protect information assets. We have therefore formulated the following information security policies.
Information Security Initiatives
The Yamato Group conducts information security training once a year, aiming for a 100% attendance rate. We also conduct regular internal and external audits at our ISO27001-compliant business locations. The risk of cyber-attacks from outside has increased in recent years, and we believe that countermeasures against cyber-attacks are an urgent issue. The Yamato Group has established a dedicated department (YAMATO CSIRT) to combat cyber-attacks, and is engaged in various preventive measures. In order to ensure safe and appropriate handling of personal information, we will continue striving to improve customer confidence by instilling rules on information security and expanding educational opportunities.
Data Utilization Initiatives
Enhancing Development of Digital Human Resources
In FY2021 the Yamato Group launched Yamato Digital Academy, an educational program designed to foster the development of digital human resources at an early stage, and is working to implement data-driven management throughout the Group.
A total of 135 employees participated in Yamato Digital Academy in fiscal 2022.
Enhancing Data Management
In addition to the development of human resources, we believe that quality control of data is also important in order to achieve the effective realization of data-driven management, and are enhancing data management to support this.
As part of this effort, we have launched the concierge function, an internal inquiry desk for data-related matters.
Selection for Digital Transformation Stocks
Yamato Holdings was selected for Digital Transformation Stocks (DX Stocks) 2023, which are jointly held by the Ministry of Economy, Trade and Industry, the Tokyo Stock Exchange, and the Information-technology Promotion Agency, Japan. DX Stocks select and introduce TSE-listed companies that create in-house systems for enhancing corporate value while promoting DX and displaying outstanding performance in utilizing digital technology.