In fiscal 2007, Ricoh developed learning materials for employees in Japan in order to disseminate the RFG ISMeasures to the people at the forefront of various endeavors, also providing learning opportunities through a variety of training programs.
Overseas, emphasis has been placed primarily on ISMS development, for which training courses have been available in several languages to facilitate appropriate ISMS creation.
|
In Japan
Evolution of Information Security Training |
 |
|
|
Ricoh recognizes that information security management must be carried out by all members of the Ricoh Group including its partner companies. Based on this approach, a variety of training programs are offered to allow all members to get involved in this endeavor. Learning materials are prepared separately for senior management, managers and general employees addressing requirements specific to each level. Every member is required to attend sessions applicable to him or her. The evolution of information security training to date and actions undertaken during fiscal 2007 are explained below.
1) ISMS Implementation Phase (2003 through 2005)
Initially focusing on ISMS certification, training was offered to employees in a position to advocate ISMS development and to internal auditors, who needed to understand certification criteria. At the same time, general training programs were administered for all employees to elevate their level of awareness vis-à-vis information security.
2) Comprehensive training programs to ensure ISO compliance and courses for managers (2006)
|
MP Meister screenshot |
| |
 |
Training was offered to address the transformation of the ISMS standards into global ISO standards. In addition, managers responsible for business execution were asked to attend sessions to inform themselves of key issues surrounding information security management. To accommodate the large number of managers, MP Meister,* a PC-based training course, was used.
* |
Software developed by Ricoh for easy preparation of contents with a mix of animation and images sequences |
3) Review of Training Programs with RFG ISMeasures at the Core (Fiscal 2007 and after)
In fiscal 2007, the RFG ISMeasures were established. All training materials were brought under extensive review and courses were reorganized to ensure that the RFG ISMeasures would take root across the Group.
Event-style Learning Programs |
|
|
|
Until 2007, training meant sessions that relevant employees were required to attend, to acquire knowledge and skills. The Ricoh Group now runs three programs based on voluntary participation of Group companies in addition to classroom-type instructions.
1) Information Security Workshops
For each workshop, a guest speaker is invited to give participants insights into current information security topics and potential issues of future concern. Workshops offer learning opportunities and serves as a forum for inspiration. We select topics carefully to encourage spontaneous process improvements among Group companies.
2) Exchange Forum for Information Security Activities
Good practices of Group companies and leading-edge examples of non-Ricoh companies are presented during Exchange Forum sessions. The Exchange Forum gives people in various Ricoh companies, who have little interaction during regular business hours, rare opportunities to get to know each other and to initiate ongoing discussions and exchanges on information security topics.
3) Information Security Benchmarking Tours
For more in-depth learning experiences, onsite visits are arranged to locations whose practices were presented in the Exchange Forum for Information Security Activities and were found appealing to participants. Some benchmarking tours have led to the establishment of Group-wide procedures and tool development.
| Event-style learning process |
 |
Overseas
Training Focusing on ISMS Development |
|
|
|
Communications between Ricoh’s offices in Japan and its overseas operations are conducted mostly in English, but training must be conducted in the local language. Therefore, training is offered globally via third-party educational organizations. Currently, the following training courses are available for these locations.
1) Introduction to ISMS
The course teaches participants the underlying aims of ISMS. It helps managers, information security administrators, and employees who will be responsible for ISMS development to understand prevailing issues and challenges from the point of view of information security and to realize the need to build ISMS for the purpose of sound business.
2) ISMS Implementation in Actual Practice
This course is to equip participants with ISMS implementation methodologies to prepare them for ISMS development. Participants are expected to serve as leaders during the implementation and operational phases of ISMS.
3) ISMS Internal Auditors Training Course
The Ricoh Group recognizes that quality audit results are essential not only in terms of indicators of ISO conformance or non-conformance; rather, audit results should be viewed as a crucial element in effectively improving business. This program was developed based on this belief. Designed to foster personnel capable of making effective recommendations to management through their reporting activities, this program requires participants to take a test upon its completion. Those who successfully pass the test will be registered in the database as ISMS internal auditors. A total of 259 employees in overseas locations were registered as of March 31, 2008.
Training for All Employees |
|
|
|
Training programs for general employees have been translated into English, French, German, Italian, Spanish and Chinese, to familiarize all employees outside Japan with ISMS. In addition, a summary of ISMS-related information is available on “ISMS Navi,” software accessible by Notes, which most Ricoh Group employees around the world use to exchange and share information. The ISMS Navi screen displays updated information on ISMS, so employees can increase their awareness of information security.
| Symbols for each geographic region to promote ISMS training |
 |
Training Programs for Ordinary Employees:
Overseas Examples |
 |
|
|
Ricoh America Corporation has incorporated ISMS modules into their “Ricoh University,” an e-learning environment built on the philosophies of “Learning, Knowledge, and Performance” and geared toward sales, sales engineering and service professionals.
This also enables greater familiarization and penetration of ISMS not only among the members of the Ricoh Group companies but also among the members of its business partners.
|
|
|
