Information Security at Konica Minolta

 
To pursue its strategic goals and thus remain competitive in the market, Konica Minolta Business Solutions Europe GmbH must meet the necessary information security standards and comply with data privacy regulations. Konica Minolta Europe recognizes at senior levels the need to ensure that its business operates smoothly and without interruption for the benefit of its customers, shareholders, and other stakeholders.

To provide such a level of continuous operation, Konica Minolta Europe has implemented an Information Security Management System (ISMS) in line with the International Standard for Information Security, ISO/IEC 27001.

Information Security is a question of organisational culture and commitment

All clients and production information as well as sensitive business-critical information must be held securely. An Information Security Management System (ISMS) is implemented to ensure that the information security standards are continuously adapted following the legal and stakeholder requirements. All relevant information must be categorized according to security levels following the security objectives "Confidentiality", "Integrity" and "Availability".

Commitment to the delivery of information security extends to senior levels of the organization and will be demonstrated through the Information Security Policies and the provision of appropriate resources to establish and develop the ISMS. All relevant resources for the ISMS are provided by Konica Minolta Europe. All relevant employees, in particular those included in the ISMS scope, must take part in this implementation and must ensure a stable operation of the ISMS.

 

Information exists in many forms

  • Information Security at Konica Minolta Printed or written on paper
  • Stored electronically, published on websites
  • Visual e.g. pictures, videos, diagrams
  • Verbal/aural e.g. conversations, phone calls
  • Intangible e.g. knowledge, experience, expertise, ideas

Laptop Smartphone Handy Paper Office
A risk management approach and process will be used which is in line with the requirements and recommendations of ISO/IEC 27001. Risk management will take place at several levels within the ISMS, including:
  • Assessment of risks to the achievement of our information security objectives
  • Regular information security risk assessments within specific operational areas
  • Assessment of risk as part of the business change management process
  • At the project level as part of the management of significant changes
The management commits to ensuring continuous monitoring through relevant KPIs and the review of the company information security environment to fulfill the ISO/IEC 27001 requirements and to resolve non-conformities accordingly.

We would encourage all employees and other stakeholders in our business to ensure that they play their part in delivering our information security objectives.