Main content

ISMS Certification / Cybersecurity maturity assessment

ISMS Certification / Cybersecurity maturity assessment

Status of certification in Japan and overseas

Ricoh Group companies in Japan obtained unified ISMS (Information Security Management System) certification in December 2004. We worked to further establish and entrench an information security promotion system as a Group in 2006 when our Group companies outside Japan also joined the certification program. Ricoh has a policy to obtain certification at companies and organizations that serve as contact points for transactions with customers, and we are requested by customers or external organizations to obtain ISMS certification.

We renewed our ISMS certification after passing the renewal audit in FY2022, and also acquired the newly ISMS certification in FY2023.

To date, a total of 53 group companies — 6 in Japan and 47 overseas — have been certified. (as of December 2023).


Cybersecurity maturity assessment

The Ricoh Group has a system in place whereby a third party checks the conformity and effectiveness of ISMS through internal and external audits.

The results of the external audits that were conducted continuously in FY2018 revealed the need to address the further enhancement of the cross organizational information security governance system. Based on the audit results, the Ricoh Group will work to establish a more robust cross organizational governance system.

Cybersecurity maturity assessment (including handling of personal information)

  1. Governance, risk and compliance of security
  2. Security management of network boundaries
  3. Security management of end points
  4. Security management of data
  5. Security management of applications
  6. Identity and access management (IAM)
  7. Security monitoring and fault management
  8. Security management of mobile and social media
  9. Security vulnerability management
  10. IT asset management and change/configuration management
  11. IT service continuity management
  12. Physical security management