Contact

03-5719-7533

Company Overview

Company Overview

International Certificate authority of Management System Co.,Ltd. (ICMS)

Company Name International Certificate authority of Management System Co.,Ltd. (ICMS)
Capital 20,000,000 JPY (as of November 1,2020)
Description of Business Providing third party certification / auditing service on Information Security
Certification
Standards		 JIS Q 27006(JIP-ISAC100/ JIP-ISAC101)
PCI SSC Qualified Security Assessor Company (PCI DSS/P2PE/3DS/PIN Security)
AREA: APAC
  • JIS Q 27006:2012(JIP-ISAC100-2.4)
  • ISMS-AC-CLS_ISR010
  • PCI DSS 認定セキュリティ評価機関(QSAs)
  • PCI P2PE 認定セキュリティ評価機関(PCI P2PE QSAs)
Address

Head Office:
Meguro Nishiguchi M2 Bldg. 5F, 2-24-11 Kamiosaki, 
Shinagawa-ku, Tokyo, Japan 141-0021
TEL:+81-3-5719-7533
FAX:+81-50-3737-4783MAP

Sapporo Office:
Haruno Bldg. 3F, 16-1-323 Minami-chijyo-nishi,
Chuo-ku, Sapporo-shi, Hokkaido, Japan 060-0061
Management Representative Director Chairman : Kunio Ebihara
Representative Director President : Yoichi Ueno
Auditor : Noriyuki Uematsu (Certified public accountant)
Group Company
サービスマップ
ICMS Solutions Co., Ltd.
ICMSソリューションズ株式会社ロゴ画像

Meguro Nishiguchi M2 Bldg. General reception 5F,
2-24-11 Kamiosaki, Shinagawa-ku, Tokyo 141-0021, Japan
TEL:+81-3-5719-3188

ICMS Cyber Solution(Thailand) Co.,Ltd.
ICMSサイバーソリューション株式会社ロゴ画像

15th Floor, 253 Asoke Building, 21 Sukhumvit Rd, Khlong Toei Nuea, Wattana, Bangkok 10110, Thailand
TEL:+66 (0)21155125

A Message from the President

In recent years, the rapid proliferation of cloud computing and mobile technologies, coupled with the evolution of AI, has dramatically transformed corporate IT infrastructures and business models on a daily basis. Correspondingly, the importance of information security is growing ever greater, making the reinforcement of management systems and the assurance of reliability a pressing challenge for all companies.

Our company possesses an extensive track record in both PCI Assessments and ISMS Audits, earning us a reputation as one of Japan's leading audit bodies. In PCI Assessments, we primarily assess compliance with security standards aimed at the credit card industry. Through ISMS Audits, we support organizations in obtaining certification based on the international standard for Information Security Management (ISO/IEC 27001 / JIS Q 27001).

In both types of assessments, we go beyond mere formal checks. We place a high value on assisting clients in building information security systems that are effective and sustainable. To achieve this, we prioritize the continuous education and technical development of our auditors. As a result, we possess a large number of highly skilled professionals who are well-versed in the latest technologies, including cloud, AI, and mobile platforms.

Leveraging this track record and technical expertise, we are now expanding our focus to overseas markets, offering assessment and audit services that meet international security standards. We are committed to continuing to provide dependable value as a trusted third-party organization, even within the global business environment.

Moving forward, our entire staff is dedicated to serving as a partner that protects your corporate information assets in a changing society. We sincerely ask for your continued guidance and support.

International Certificate authority of Management System Co.,Ltd.

Representative Director President Yoichi Ueno

Contact Us

Meguro Nishiguchi M2 Bldg. 5F, 2-24-11 Kamiosaki,
Shinagawa-ku, Tokyo, Japan 141-0021
TEL:+81-3-5719-7533
FAX:+81-50-3737-4783

より大きな地図で ICMS を表示

Our Certification Policy

Information security risks are directly linked to business risks that can impact a company's business continuity. Third-party certification auditing, which targets the mechanisms for managing such risks, must prioritize providing benefits that contribute to the management of the enterprise seeking certification.

Since the risk management approach differs based on the audited organization's business content, operational structure, and the criticality of the information to be protected, our Certification Body and our auditors will work with the audited organization through risk assessment to clarify the relevant business risks. We ensure a mutual understanding with the client company regarding the scope and objectives of the Information Security Management System (ISMS). The audited organization's perspective on what the ISMS should be is always prioritized. Our Certification Body and our auditors will assess the current state of information security within those organizations and audit the system's effectiveness and operation.

In recent years, the escalating number of credit card data breaches and fraudulent use has become a major social issue. Since credit card information leakage has a high potential for direct financial loss, strict management is required of handling entities.

Our organization conducts assessments for the Payment Card Industry Data Security Standard (PCI DSS), an international security standard specific to credit cards, based on 12 specific requirements covering areas such as securing the network, protecting cardholder data, and implementing access control measures.

Our experienced auditors, possessing specialized knowledge of the audited organization's operations, advanced network expertise, and capabilities, conduct audits on security policies, rules, operational security, technical security, and physical security. These measures are designed to protect card and payment information with the goal of reducing risks such as website tampering, misuse, and information theft.

International Certificate authority of Management System Co.,Ltd.
Representative Director President Yoichi Ueno

Commitment to Impartiality

Our Certification Body understands the importance of impartiality in the Certification Audit and Registration activities for JIS Q 27001 (ISO/IEC 27001), as well as in PCI DSS Assessment activities. We identify potential conflicts of interest arising from the provision of auditing and assessment services, and hereby declare that we ensure the objectivity of our certification and assessment activities as follows:

  • Impartiality Committee: We have established an Impartiality Committee, composed of external members, to monitor the impartiality of our activities and enhance the reliability of our certification and registration services.
  • Fair Practice: We will conduct fair audits and assessments for all customers, including those receiving services from our affiliated companies. Furthermore, we will never suggest in our sales activities that certification or auditing will be easier, simpler, faster, or cheaper.
  • Confidentiality: We will never provide any client-specific information obtained during audits or assessments to our affiliated companies.
  • Conflict Management: We manage conflicts of interest in our certification and assessment activities by eliminating threats to impartiality from all interested parties.
  • Monitoring and Response: We maintain a constant system for monitoring information and responding to ensure that our auditors and assessors can operate appropriately without conflicts of interest.
  • Internal Control: We conduct timely and appropriate internal audits and training.

________________________________________
Reporting Concerns
If a certified organization, registered organization, or assessed organization believes there is a lack of impartiality or suspects a breach of impartiality in our certification or assessment activities, please contact our Complaints Handling Desk.
This information will not only provide valuable insight and feedback regarding our potential conflicts of interest but will also serve as crucial input for maintaining and enhancing the credibility of our scheme.
The Certification Body will fairly accept all complaints and appeals, thoroughly investigate the facts, and ensure a sincere response is provided.

International Certificate authority of Management System Co.,Ltd.
Representative Director President Yoichi Ueno

to page top