The Ricoh Group, in its Corporate Social Responsibility Charter, declares its aspiration to be an enterprise whose growth and success are desired by the general public, and Ricoh is committed to the fulfillment, from a global perspective, of its corporate social responsibility in every business aspect. This section gives you an overview of information security as envisioned by the Ricoh Group as well as its basic approach and features.
Qualities of Companies that Society Wants to See Grow and Succeed
As a company whose business domain is linked to information fields, the Ricoh Group recognizes the importance of information security in pursuing its mission of delivering products and services that customers can use with peace of mind. For this reason, the Ricoh Group requires all of its employees to participate in information security initiatives and makes sure that daily management and continual improvement are carried out on shop floors and in offices. It also encourages the development of products and services reflecting the added value gained in the process and their active internal use before presenting them to customers. These efforts are Ricoh’s way of putting the Charter’s “conscientious corporate mindset” and “harmony with society” into practice.
Establishing Business-Oriented Information Security Corporate Management while Balancing Information Use and Protection
Establishing a Corporate Information Security Culture
1) Participation by all employeesCustomers are at the origin of all actions initiated by the Ricoh Group. In the course of delivering value to customers, all employees engaged in the Group’s business activities—which range from product planning, development and manufacturing to sales and servicing—think of customers’ needs and requirements from the customers’ viewpoints and make the most of the technical, marketing and customer information needed for their respective responsibilities and tasks. Information security management is not carried out by a select group of departments or task domains alone; rather, it is considered a comprehensive endeavor that requires the participation of all employees from senior management and executives to clerical workers as well as cooperating business partners.
2) Daily management and continual improvement
Information security management becomes real only if it is translated into practical and consistent action by all employees in the course of their daily activities. The Ricoh Group makes sure that standards and rules are firmly in place and education and training programs are fully administered. To ensure that employees put them into daily practice, self-management by each employee, periodic checks by supervisors and audits by internal and external auditors are also carried out, and corrective actions are taken promptly for improvements. The effective use of the PDCA-based management cycle by all levels of personnel from employees and managers to leaders and senior management results in continual improvement, which in turn enhances the level of security.
3) Company practicesRicoh Group companies routinely use security products and solutions developed in-house, based on the firm foundations of information security management contributed to by all employees. Those products and solutions are intended for customers to solve a broad range of issues that obstruct the creation of a secure enterprise. Company practices allow verification of the product and service utility and allow Ricoh to incorporate any needed improvement before delivery to customers.
Delivery of New Value to Customers through Efforts to Boost Security
With these actions as the basis, it strives to fully enforce risk management with the goal of fulfilling its corporate social responsibility. For customers, these actions also yield new value in the form of strategic products and systems, consulting and know-how.