Main content

ISMS Certification / Cybersecurity maturity assessment

ISMS Certification / Cybersecurity maturity assessment

Status of certification in Japan and overseas

Ricoh Group companies in Japan obtained unified ISMS (Information Security Management System) certification in December 2004. We worked to further establish and entrench an information security promotion system as a Group in 2006 when our Group companies outside Japan also joined the certification program. Ricoh has a policy to obtain certification at companies and organizations that serve as contact points for transactions with customers, and we are requested by customers or external organizations to obtain ISMS certification.

In FY2024, we renewed our certification after passing the ISMS certification audit.

To date, a total of 62 group companies — 6 in Japan and 56 overseas — have been certified. (as of May 2024).

Cybersecurity maturity assessment

The Ricoh Group has a system in place whereby a third party checks the conformity and effectiveness of ISMS through internal and external audits.

The results of the external audits that were conducted continuously in FY2023 revealed the need to address the further enhancement of the cross organizational information security governance system. Based on the audit results, the Ricoh Group will work to establish a more robust cross organizational governance system.

Cybersecurity maturity assessment (including handling of personal information)

  1. Governance, risk and compliance of security
  2. Security management of network boundaries
  3. Security management of end points
  4. Security management of data
  5. Security management of applications
  6. Identity and access management (IAM)
  7. Security monitoring and fault management
  8. Security management of mobile and social media
  9. Security vulnerability management
  10. IT asset management and change/configuration management
  11. IT service continuity management
  12. Physical security management