Established: June 12, 2005
Revised: August 1, 2025
Kaga Yanagisawa
President & CEO, Representative Director, Member of the Board
Nomura Research Institute, Ltd.

The NRI Group recognizes its role as an information service provider and is committed to maintaining public trust by protecting its information assets from threats such as unauthorized access and cyberattacks. To this end, we have established a robust information security management framework that continuously enhances security across the entire NRI Group.

The NRI Group has appointed a Chief Information Security Officer and implemented a comprehensive, organization-wide information security management system. Each business division and group company designates both an Information Security Manager and an Information Security Officer, ensuring continuous improvement of security practices throughout the organization.

The NRI Group identifies, analyzes, and evaluates information security risks for the assets we handle, including data entrusted to us by our customers. Based on this risk assessment, we implement appropriate and effective control measures, such as managing access rights, to protect these assets from threats like unauthorized access and tampering.

The NRI Group collects information on security threats, identifies and analyzes those relevant to its business, and has established a system for implementing countermeasures. Should a security threat or breach occur, the NRI Group promptly notifies affected stakeholders and takes swift, appropriate action.

To ensure proper management of information assets, The NRI Group regularly updates its internal rules and regulations to adapt to evolving information security laws and technological advancements. We provide information security education to all executives and employees, raising awareness of security practices and ensuring internal rules are effectively communicated across the organization.

To mitigate information security risks across the supply chain, the NRI Group establishes agreements with its business partners to ensure the secure handling of information assets and collaborates with them to ensure compliance with these agreements.