Policy

In today’s world, where the convenience of digitalization has also brought with it the great risk of losing trust due to information leaks, the financial impact of information security on our business is significant and must be a point of focus. We position information security as one of our important management strategies and ensure information security by establishing an information security system, educating our employees, appropriately managing our information assets, and responding to cyberattacks, among other measures. Six information security incidents* occurred in fiscal 2025, which did not cause any inconvenience to customers, but we are working to strengthen the management of information assets by implementing individual preventive measures and providing training on countermeasures.

We believe that it is important to work together as a company for everything we do. Our such efforts will be centrally managed and improved to a high standard by adopting initiatives in line with the Panasonic Group’s management systems as a reference. In addition, we will build systems and rules optimized for the Company by drawing on the collective wisdom of our employees, thereby protecting the information of our customers around the world and everyone involved in our business. To work toward fulfilling our Mission of “achieving a society in which the pursuit of happiness and a sustainable environment are harmonized free of conflict,” we aim to ensure customer satisfaction and trust by having zero information security incidents.

* Refers to the following incidents that threaten the safety of information held and managed by the Panasonic Group, including trade secrets, personal information, customer information, etc. (including information of other parties).

  • Information leaks or suspected leaks outside of the Company
  • Unauthorized access or suspected unauthorized access to the Company’s information from inside or outside the Company
  • Destruction or falsification of information, or suspected destruction or falsification of information

Policy

In today’s world, where the convenience of digitalization has also brought with it the great risk of losing trust due to information leaks, the financial impact of information security on our business is significant and must be a point of focus. We position information security as one of our important management strategies and ensure information security by establishing an information security system, educating our employees, appropriately managing our information assets, and responding to cyberattacks, among other measures. Six information security incidents* occurred in fiscal 2025, which did not cause any inconvenience to customers, but we are working to strengthen the management of information assets by implementing individual preventive measures and providing training on countermeasures.

We believe that it is important to work together as a company for everything we do. Our such efforts will be centrally managed and improved to a high standard by adopting initiatives in line with the Panasonic Group’s management systems as a reference. In addition, we will build systems and rules optimized for the Company by drawing on the collective wisdom of our employees, thereby protecting the information of our customers around the world and everyone involved in our business. To work toward fulfilling our Mission of “achieving a society in which the pursuit of happiness and a sustainable environment are harmonized free of conflict,” we aim to ensure customer satisfaction and trust by having zero information security incidents.

* Refers to the following incidents that threaten the safety of information held and managed by the Panasonic Group, including trade secrets, personal information, customer information, etc. (including information of other parties).

  • Information leaks or suspected leaks outside of the Company
  • Unauthorized access or suspected unauthorized access to the Company’s information from inside or outside the Company
  • Destruction or falsification of information, or suspected destruction or falsification of information

Basic Information Security Policy

The Company has appointed a Chief Information Security Officer (CISO) as the officer in charge of information security and personal information protection, directly reporting to the President who is responsible for managing the Company. The promotion system is designed to enable the Information Security Promotion Manager and the Information Security Promotion Office, appointed by the CISO, to interact with the workplace to gather knowledge and engage in initiatives through committee activities.

Diagram illustrating Panasonic’s information security and personal data protection framework, showing a structure led by the President and CISO, with collaboration among promotion leaders, secretariat, committees, and workplaces to enable two-way engagement.

Diagram of information security promotion system

Basic Information Security Policy

The Company has appointed a Chief Information Security Officer (CISO) as the officer in charge of information security and personal information protection, directly reporting to the President who is responsible for managing the Company. The promotion system is designed to enable the Information Security Promotion Manager and the Information Security Promotion Office, appointed by the CISO, to interact with the workplace to gather knowledge and engage in initiatives through committee activities.

Diagram illustrating Panasonic’s information security and personal data protection framework, showing a structure led by the President and CISO, with collaboration among promotion leaders, secretariat, committees, and workplaces to enable two-way engagement.

Diagram of information security promotion system

Details of initiatives

Management of information assets

At the department that created information or the department that received information from other parties, the manager of such department establishes the confidentiality, scope of disclosure, and handling of the information as the owner of the information, and protects the information appropriately. Information disclosed by and received from other parties under a confidentiality agreement will be managed as confidential information in accordance with the provisions of the Panasonic Group Global ISM (Information Security Management) Regulations and related rules. Departments that hold information will conduct periodic inventory checks to identify the confidential information and check its management status, thereby proving that the confidential information is properly managed in the Company.

Cyber security

Panasonic Energy is implementing cyber security measures to ensure the safety of the systems and facilities that manage our information assets, as well as the products and services we provide to our customers. To prepare for risks related to cyber security (in addition to IT security, manufacturing system security, and product system security) in the supply chain, a specialized department collects and monitors information on a regular basis and conducts response drills in collaboration with each organizational unit.

Education and training

The Information Security Promotion Office regularly plans and implements education and training to prevent information leaks. Specific initiatives include e-learning programs, targeted attack e-mail drills, and seminars by outside instructors to train management and organization leaders. We have also produced an educational manga in six languages to enable all employees to learn about information security in a fun way, and are distributing it globally.

Through these measures, we are working to thoroughly enforce our information security rules and raise employee awareness.

Photo of an executive training session conducted by an external lecturer in fiscal 2025, highlighting Panasonic’s efforts to strengthen leadership capabilities through continuous learning.

Management education by outside instructors (FY2025)

Photo of an educational comic designed to help all employees enjoy learning about information security, promoting awareness through engaging visual storytelling.

Educational manga on the topic of information security
Production: Trend-pro Inc.

Audit and ISO27001 certification

The Information Security Promotion Office conducts internal audits globally in accordance with the Panasonic Group Information Security Audit Guidelines to confirm the implementation status of information security management measures in each department. When deficiencies are discovered, we provide instructions for improvement and monitor the situation. Acquisition or continuation of ISO27001 certification is determined by each business site based on the nature of its business, customer requirements, etc., and we annually review those business sites that must acquire or maintain the certification.

Compliance with laws and regulations, protection of personal information

We comply with laws, regulations, and other norms related to information security. In recent years, personal information protection laws have been enacted and enforced in many countries, and we believe that protecting personal information is an important matter. We have established an assessment mechanism that complies with the Panasonic Group's response manual. Under this mechanism, we acquire and manage personal information and educate our employees in order to protect privacy.

Photo of Panasonic’s internal portal displaying information security manuals and guidelines, supporting employee awareness and compliance through centralized access to key resources.

Personal Information Protection Portal (internal intranet)

Details of initiatives

Management of information assets

At the department that created information or the department that received information from other parties, the manager of such department establishes the confidentiality, scope of disclosure, and handling of the information as the owner of the information, and protects the information appropriately. Information disclosed by and received from other parties under a confidentiality agreement will be managed as confidential information in accordance with the provisions of the Panasonic Group Global ISM (Information Security Management) Regulations and related rules. Departments that hold information will conduct periodic inventory checks to identify the confidential information and check its management status, thereby proving that the confidential information is properly managed in the Company.

Cyber security

Panasonic Energy is implementing cyber security measures to ensure the safety of the systems and facilities that manage our information assets, as well as the products and services we provide to our customers. To prepare for risks related to cyber security (in addition to IT security, manufacturing system security, and product system security) in the supply chain, a specialized department collects and monitors information on a regular basis and conducts response drills in collaboration with each organizational unit.

Education and training

The Information Security Promotion Office regularly plans and implements education and training to prevent information leaks. Specific initiatives include e-learning programs, targeted attack e-mail drills, and seminars by outside instructors to train management and organization leaders. We have also produced an educational manga in six languages to enable all employees to learn about information security in a fun way, and are distributing it globally.

Through these measures, we are working to thoroughly enforce our information security rules and raise employee awareness.

Photo of an executive training session conducted by an external lecturer in fiscal 2025, highlighting Panasonic’s efforts to strengthen leadership capabilities through continuous learning.

Management education by outside instructors (FY2025)

Photo of an educational comic designed to help all employees enjoy learning about information security, promoting awareness through engaging visual storytelling.

Educational manga on the topic of information security
Production: Trend-pro Inc.

Audit and ISO27001 certification

The Information Security Promotion Office conducts internal audits globally in accordance with the Panasonic Group Information Security Audit Guidelines to confirm the implementation status of information security management measures in each department. When deficiencies are discovered, we provide instructions for improvement and monitor the situation. Acquisition or continuation of ISO27001 certification is determined by each business site based on the nature of its business, customer requirements, etc., and we annually review those business sites that must acquire or maintain the certification.

Compliance with laws and regulations, protection of personal information

We comply with laws, regulations, and other norms related to information security. In recent years, personal information protection laws have been enacted and enforced in many countries, and we believe that protecting personal information is an important matter. We have established an assessment mechanism that complies with the Panasonic Group's response manual. Under this mechanism, we acquire and manage personal information and educate our employees in order to protect privacy.

Photo of Panasonic’s internal portal displaying information security manuals and guidelines, supporting employee awareness and compliance through centralized access to key resources.

Personal Information Protection Portal (internal intranet)