Ricoh Group companies in Japan obtained unified ISMS certification in December 2004. We took this a step further in 2006 when our overseas group companies also started the process of acquiring certification. Since then, we have been working towards establishing an information security promotion system across the Group. We set a policy on obtaining ISMS certification among companies and organizations which contact and serve customers and receive requests from customers or external bodies to obtain certification.
In FY2018, we renewed our certification after passing the renewal audit. To date, a total of 53 group companies — 8 domestic and 45 overseas — have been certified (as of September 2018).
In order to offer our products and related solution services to our customers and business partners, the Ricoh Group maintains ISMS certification at companies throughout the sales chain — including support, logistics and financial companies — and as necessary at some production, rental and software companies.
The Ricoh Group has a system in place whereby a third party checks the conformity and effectiveness of ISMS through internal and external audits.
The results of the external audits that were conducted continuously in FY2018 revealed the need to address the further enhancement of the cross organizational information security governance system. Based on the audit results, the Ricoh Group will work to establish a more robust cross organizational governance system.