CRI Middleware Co., Ltd. (hereafter, “CRI”) considers the safe and secure management of personal information and information assets handled in the course of its business activities as an important responsibility in order to ensure that customers can use the technologies and services provided by CRI with peace of mind.
As a guideline for protecting our information assets, we have established a policy on information security and will implement it and promote it as follows:
CRI has an information security management system in place, which is regularly audited and improved.
Internal regulations are maintained in accordance with the Information Security Policy. In addition, efforts are made to prevent unauthorized intrusions, leakage, and falsification of information assets.
CRI is committed to maintaining the confidentiality, integrity, and availability of all information assets in its possession to ensure that they are adequately protected.
When entering into an outsourcing contract, CRI fully examines the suitability of the outsourcing partner.
In addition, to maintain a high security level, the outsourcing partner is continuously reviewed, and contracts are strengthened.
CRI regularly educates and trains all employees and officers to ensure that information security is properly managed.
At any sign of a security incident, CRI will promptly investigate the cause and take action.
CRI complies with all laws, regulations and other guidelines relating to information security.
CRI regularly reviews and improves this policy.
Enacted on 25th June, 2016
Revised on 6th June, 2022
CRI Middleware Co., Ltd.
President and CEO Masao Oshimi
Security Management Officer, ISMS Committee Chairman, Executive Managing Director, Atsushi Sakurai
For more information on our privacy policy, please click here.
On 2nd September 2021, CRI obtained the JIS Q 27001:2014 (ISO/IEC 27001:2013) certification, the accreditation standard for ISMS (Information Security Management System).
| Certification marks |  |
| Office | CRI Middleware Co., Ltd. |
| Certification standard | JIS Q 27001:2023 (ISO/IEC 27001:2022) |
| Scope of registration | Research and development of audio, video, and file systems, and their sale and support as middleware products. |
| Registration number | J0488 |
| Certification body | ASR Co., Ltd. |
| Registration date | 2nd September 2021 |
ISMS stands for Information Security Management System and is a mechanism for maintaining the confidentiality, integrity, and availability of information in an organization. The international standard “ISO/IEC 27001 (JIS Q 27001)” defines how ISMS should be established, implemented, maintained, and improved. Certification is granted when compliance is confirmed by an audit by a third-party ISMS certification body, and audits are carried out periodically to maintain and update the ISMS.
“JIS Q 27001” is a domestic standard established as a Japanese Industrial Standard (JIS) by the Japanese Industrial Standards Committee (JISC) following the establishment and publication of ISO/IEC 27001.