Information security policy

In order to achieve appropriate protection of information assets, we have established a policy regarding information security and will actively promote this policy.

In order to achieve appropriate protection of information assets, we have established a policy regarding information security and will actively promote this policy.

Information security policy

April 1, 2023

TSUNAGU GROUP HOLDINGS Inc.

Representative Director and President Mitsuhiro Yoneda


Tsunagu Group companies (which refers to TSUNAGU GROUP HOLDINGS Inc., Ltd. and its affiliated companies, hereafter referred to as "Tsunagu Group") operate a recruitment consulting business with the aim of becoming a commonly used and indispensable "infrastructure" in the human resources recruitment market.

In conducting its business activities, the Tsunagu Group utilizes a large amount of information assets, including personal information entrusted to it by customers, and we recognize that protecting these information assets is a management priority in order to meet the expectations of all stakeholders.

Therefore, Tsunagu Group has formulated a basic policy on information security, and based on this basic policy, we will build and operate an ISMS (Information Security Management System), and we hereby declare that the entire group will work on continuous improvement in light of changes in the environment surrounding the Tsunagu Group.


In addition, Tsunagu Group will set the following security objectives and ensure that measures are taken to achieve these objectives.

- Respect and comply with contracts with customers and legal or regulatory requirements.
- Prevent information security incidents before they occur.
- In the unlikely event of an information security incident, minimize the impact.

that's all

Information security management system



Applicable standards ISO/IEC 27001:2022
Certification registration number IS790536
Certification scope ・Recruitment consulting, recruitment agency services, and call center operations
・Development and operation of recruitment media
・Application contract development work
Declaration of application 1 September 2024. Declaration of Applicability 2nd Edition
First registration date October 12, 2023
Expiry date October 11, 2026
Examination body BSI Group Japan Co., Ltd.

Cloud Service Security



Applicable standards ISO/IEC 27017:2015
Certification registration number CLOUD 807615
Certification scope ISMS Cloud Security Management System for use as a customer of Amazon Web Services and Heroku cloud services
Declaration of application 1 September 2024. Declaration of Applicability 2nd Edition
First registration date October 3, 2024
Expiry date October 11, 2026
Examination body BSI Group Japan Co., Ltd.

Privacy Information Management System (PIMS)



Applicable standards ISO/IEC 27701:2019
Certification registration number PM 807617
Certification scope ・Management and processing of PII related to the operation of recruitment media as a PII manager ・Processing of PII related to recruitment agency work and call center work as a PII processor
Declaration of application 1 September 2024. Declaration of Applicability 2nd Edition
First registration date October 3, 2024
Expiry date October 11, 2026
Examination body BSI Group Japan Co., Ltd.