Japanese firm NTT Data Corporation to gain BS 7799

Press release: September 5, 2001

NTT Data Corporation has become one of the first Japanese companies to gain BS 7799 certification, the international standard for information security management.

NTT (Nippon Telephone & Telegraph) is the world's largest telecommunications company, and NTT Data Corporation is one of its largest subsidiaries.

This registration, awarded to the NTT Data IT Security Center in Kawasaki by BSI Japan, testifies to the company's systematic, on-going involvement in building and putting into practice a sound information security management system.

The IT Security Center was formed on January 1, 2001 to consolidate the various security-related departments scattered throughout the company. Staffed by around 100 security professionals, the center:

  1. builds security into all the systems developed and provided by NTT Data 
  2. manages information security inside the company 
  3. carries out new service provision and technology development intended as security infrastructure for society. 

The scope of the registration covers the management of the following information security-related services:

  1. Information security consulting 
  2. Remote operation of an Internet data cente (SecureFort) 
  3. In-company support of information security 
  4. Technical development related to information security 
  5. In-company information security management 

NTT Data became seriously involved in information security management in 1998, when it revised its information management and drew up a new information security policy. It appointed a Chief Information Security Officer (CISO) and formed a company-wide information security committee, made up of the heads of each company division.

Among the specific activities carried out by NTT Data in this area are several that are original to this company, including intensive information security training of all employees using a Web-based training system, and information security diagnosis of all management-level staff.

The information security management standard BS 7799, the basis of the international standard (ISO/IEC 17799), is attracting considerable attention as a global standard.

In Japan BS 7799 is recognized as the premier mark of outstanding information security management practices in enterprises and organizations. Under the direction of the Japanese Ministry of Economy, Trade and Industry, studies are being carried out toward the drafting of an assessment system and of JIS standards based on the BS 7799 specification.

Consulting support for acquiring BS 7799 certification was provided by the NTT Data subsidiary NTT Data Infobrio Inc. (Chuo-ku, Tokyo; Yosuke Takahashi, President).

NTT Data plans to continue a thorough program of introducing group-wide information security management, providing services and developing information systems that customers can rely on.