AWS’ mission is to contribute to the advancement and development of society through providing high quality products and services made available by our premier technology and creativity. We believe that, in order to fulfill such mission, all our employees must recognize the importance of information assets, actively use the information technology, and use information effectively. As members of information society, we must protect our information assets from risks that may arise from the use of information technology. As we seriously recognize the importance of information security, we improve the security level of our information assets and thoroughly implement information security management measures in order to strengthen our company’s credibility in conducting business activities. AWS defines our information security policy as follows, in alignment with our management policy, placing the highest priority to the confidentiality of our customers’ information assets and our internal information assets, and also aiming to ensure entirety and availability of information in our plan documents and proposal documents.

1. AWS maintains and continuously improves the ISMS (Information Security Management System) by establishing the organization for information security management, understanding the actual situation of our information system operation accurately through information security committee and information security management officers, and implementing necessary measures from both technical and operational perspective for the improvement of information security.
    
2. AWS establishes risk assessment standard and risk assessment systems and based on these, defines structured approach for risk assessment. Special emphasis will be placed on confidentiality of our customers’ information assets and our employees’ personal information, entirety of our information system, and availability of know-how accumulated in the company. AWS conducts risk assessment to identify threats to and vulnerability of information assets and sets forth security requirements.
    
3. AWS complies and observes information security related laws and standards such as Unauthorized Computer Access Law, Personal Information Protection Law and Copyright Law and others.
    
4. AWS advocates information security by conducting necessary training on information security to all employees.