International Standard Certification for Information Security Management System

In March 2007, MTBJ obtained ISO 27001 certification, the international standard on information security
management system (ISMS). Having achieved ISO 27001 certification by a U.S. accreditation organization (ANAB),
MTBJ’s information security management system is accredited to have the quality to clear the level of international
standard with proper management frameworks and strict implementation. After obtaining the certification, we
undergo annual surveillance audits and recertification audits every three years, thereby being subjected to
continuous checks for the design and operation status of our information security management system. In order to
remain a company trusted by its customers, we will strive to enhance the level of information security on an
ongoing basis.

MTBJ certification information

Certification Registration No. IS 513423
Scope of Certification The following businesses at the Investor Services Planning Division
  1. Operation planning and research and planning of systemization related to the asset administration businessand businesses incidental thereto
  2. Consulting and function sales businesses related to the asset administration business
  3. Development and oversight of business strategies related to the asset administration business Statement of Applicability, issued on October 31, 2014, Version 2
Date of Initial Registration 9-Mar-07
Certification Registration Organization BSI Group Japan K.K.
Category ISO/IEC27001:2013 ※1 JISQ27001:2014 ※2
Accreditation body ANAB (ANSI-ASQ National Accreditation Board) JIPDEC
  • An ISO/IEC standard, an international certification standard on Information Security Management System (issued in October 2013)
  • A Japanese certification standard on conformity assessment scheme of information security management system. For the ISMS certification audit standard, in March 2014, JIS Q 27001: 2014 was published in association with the publication of the international standard ISO/IEC 27001: 2013 to replace JIS Q 27001: 2006.
Internal control