SECURITY ACTION Compliance Support

Overview

64% of domestic ransomware victims are small and mid-sized businesses, and nearly one in five unauthorized access incidents originates from a business partner's network. SECURITY ACTION — a self-declaration program promoted by Japan's Ministry of Economy, Trade and Industry (METI) and IPA — is now directly tied to IT subsidy eligibility and client security requirements. This service combines five service tiers (M1–M9) tailored to your situation, enabling you to achieve ★ One-Star declaration in as little as 2–4 weeks, and ★★ Two-Star declaration in 8–12 weeks.

Challenges We Address

• A client has asked for proof of security measures and you don't know where to start
• SECURITY ACTION declaration is required for IT subsidy applications, but your preparation has not kept up
• No dedicated security staff — policies, records, and response procedures are all unmaintained
• Concerned about the risk of ransomware recovery costs exceeding ¥10 million, or losing client contracts

What We Deliver

• M1 Self-assessment & gap analysis (IPA-compliant answer sheet, priority findings report, improvement roadmap)
• M2 Security policy package (information security policy, management rules, incident response procedures)
• M3 Asset & incident register setup (IT asset register, account management ledger, update operating procedures)
• M4 Security training (customized training, comprehension test, attendance records)
• M5 Incident response drill (spear-phishing simulation, scenario exercise, after-action report)
• M6–M8 Technical security support (backup design, log collection/monitoring, EDR endpoint protection)
• M9 Periodic review & PDCA support (monthly/quarterly checks, annual SECURITY ACTION renewal support)

Example Use Cases

Frequently Asked Questions