i-Reporter Cloud Service Level 2025.2
- METI Guidelines Cloud service level
Checklist version - Ministry of Internal Affairs and Communications Guidelines for Cloud Service Safety and Security
Guidelines for disclosure of information related to reliability
Security policy, initiatives and responses regarding i-Reporter
■Security policy
- CIMTOPS Corporation. positions its published Information Security Policy (https://cimtops.com/security/) as its highest-level policy, and carries out information security management activities within the scope of ISMS (ISO/IEC27001:2022) in all areas of product planning, development, sales activities, operational monitoring and support.
■ Regarding initiatives and responses
- In our ISMS management measures, we design and implement our systems with a focus on the security environment, including secure development. At the same time, we are taking the following measures to keep up with the changing security environment:
- Collect and evaluate security information daily
- Disseminating and sharing security information rated as urgent or critical, and considering countermeasures
- If security measures are required, implement countermeasures and tests
- Receive vulnerability assessments by a third party at least once a year and implement corrective measures if deemed necessary
- 24/7 manned monitoring
- Our ISMS activities undergo internal and external audits at least once a year in an effort to maintain and improve our security level.
- In the event of an incident that results in a service outage, we have established the necessary internal systems to notify customers via our support website and to notify customer representatives by email.
- The entire company works together to carry out the above activities in order to maintain and improve the level of information security.
The reliability and track record of the company
- Company Name
- CIMTOPS Corporation.
- Date of Establishment
- October 1, 1991
- Director
Representative Director and CEO
Takashi Mizuno
Director and COO
Kazuyuki Okubata
Director and CTO
Seiichiro Wada
Director
Shu Mukaiyama
- Business Contents
- Development and sales of production scheduler and production management system DIRECTOR for individual order production
- Development and sales of the paperless "on-site" recording, reporting and viewing solution ConMas i-Reporter
- Easily IoT-ize existing machinery and equipment from any manufacturer
- Development and sales of MPPCreator, a BOP process editor for creating M-BOM and manufacturing processes in conjunction with E-BOM
- Development and sales of production management related software
- System integration related to the above
- System Consultation
- Head Office Location
- 〒141-0021 東京都品川区上大崎2-25-2新目黒東急ビル10階TEL:03-5721-4610 FAX:03-3491-4610
- Business/Affiliated Corporation
- [Domestic] Chubu Area Office, Kariya Seminar Room, West Japan Area Office
[Overseas] (China) CIMTOPS Corporation. Thailand Representative Office.
- Cloud Service Name
- i-Reporter cloud version service
- Service type
- SaaS-based services
- Service Details
- The i-Reporter system will be deployed on the Azure platform operated by Microsoft Japan, which is located in the Japanese region, and a service will be provided that allows users to use the i-Reporter functions via the Internet.
- The service, like the on-premise i-Reporter, includes ConMas Designer for designing input forms, ConMas Manager for assisting with user registration and access management for inputting and outputting various forms, management of designed forms, and access log management, as well as a storage area for storing various data, and adds server functions, all of which are necessary to use i-Reporter, all on the cloud.
- Implementation track record
- As of February 2025, the service is used by more than 4,200 companies (more than 205,000 users), including listed companies.
Summary of i-Reporter Cloud Service Terms of Use
Please refer to the main text for details of the terms of use.
- Functions provided by this service
- A service that provides server space for storing customers' electronic data.
- A service that provides certain software functions built on a server
- A service that provides tools to manage stored electronic data of customers
- Service Period
- For monthly use, the basic service will be for one month from the 1st of the month following the month in which the contract is concluded, and will then be automatically renewed.
- In the case of annual use, the contract will be for one year from the 1st of the month following the month in which the contract is concluded, and you will need to place an order for the following year.
- In the case of multiple-month use, the agreed period will start from the 1st of the month following the contract conclusion, and if you wish to continue the service, you must place a subsequent order by the 25th of the final month.
- Cancellation procedure
- For monthly subscriptions, you must notify us of your intention to cancel by the 25th of the month you wish to cancel.
- In the case of annual or multi-month subscriptions, if you do not place an order for renewal by the 25th of the month in which the contract ends, the contract will expire.
- Cancellation
- For monthly subscriptions, please notify us one month in advance of your cancellation. If you do not notify us, your subscription will be automatically renewed.
- For annual or multi-month contracts, please notify us by the 25th of the month you wish to cancel. However, we cannot refund any fees you have already paid.
- support
- The "contact person" you registered when you started using the service will provide support after confirming the ID and password issued by our company.
- Inquiries via the support website are accepted 24 hours a day, 365 days a year.
- Inquiries will be responded to according to the date, day of the week, and time period as specified by our company.
- Personal information and important information
Handling - As stipulated in the i-Reporter Cloud Service Terms of Use, we do not detect whether the information you handle includes "personal information," "specific personal information," "important confidential information," "classified information," etc.
- With cloud services, customers are responsible for managing the information (data) they handle.
- Responsibility for managing data
- You are responsible for managing backups of data used in i-Reporter and records related to access and processing of i-Reporter.
- Service suspension
- Cloud services undergo maintenance to improve service operation. During maintenance, the system may be temporarily suspended or some functions may be unavailable.
- A notification will be sent via email to the registered person in charge approximately one week prior to the maintenance.
- Service Retirement
- If we discontinue our cloud service, we will notify you by the means provided by our company at least three months prior to the planned discontinuation date.
- Coverage
- We guarantee that the service will not be interrupted for more than 24 consecutive hours.
- If the service is suspended for 24 consecutive hours or more due to a malfunction of the service network installed by our company, we will provide compensation at our option, which will be determined by our company in accordance with the conditions stipulated in the terms and conditions.
- Please note that compensation may not be available.
- Disclaimer and Termination of Contract
- For disclaimers and contract termination conditions, please refer to the Cloud Service Terms of Use.
- Governing law and jurisdiction
- The laws of Japan shall govern this matter. The Tokyo District Court shall have jurisdiction.
Microsoft Azure
■ Physical access control for data centers
- As the service infrastructure for providing the i-Reporter cloud version service, we use multiple data centers in Japan provided by Microsoft Japan's Azure service (hereinafter referred to as Azure).
- Azure is used globally by Microsoft.
- It maintains extremely high reliability and security, and details of this can be found on the Microsoft website.
(https://docs.microsoft.com/ja-jp/azure/security/azure-physical-security)- Azure third-party certification
Azure has acquired many certifications, including FISC, CS MARK (Gold), ISO20000, ISO27001, ISO27017, and ISO27018. For details, please check the information published on the Microsoft website.
(https://learn.microsoft.com/ja-jp/compliance/regulatory/offering-home)
- Azure third-party certification
■About infrastructure management
- Please refer to the following published information regarding Azure infrastructure vulnerability and incident management:
- https://docs.microsoft.com/ja-jp/azure/security/fundamentals/infrastructure-monitoring
■About access control (permissions) within Azure
- Stay up to date with the latest information on Azure architecture and management in Azure.
- https://docs.microsoft.com/ja-jp/azure/security/fundamentals/infrastructure-components
■ Disaster prevention measures for data centers, such as fires and earthquakes
- Microsoft Japan's Azure service has obtained ISO22301 certification as a business continuity management standard.
ISO22301 is a global standard for Business Continuity Management Systems (BCMS).
Microsoft's response to ISO22301- Scope of application (Services covered by ISO22301)
- Audit reports and certificates
■ About data deletion and destruction
- Please check the information published by Microsoft. (Summary of the published content is below)
- In the event of a hardware failure of a storage disk drive, the disk drive will be securely erased or destroyed before Microsoft returns it to the manufacturer for replacement or repair. Any data on the drive will be completely overwritten to ensure that it cannot be recovered by any means.
- When such devices are disposed of, they will be wiped or destroyed in accordance with the US NIST 800-88 Guidelines for Media Sanitation.
- https://www.microsoft.com/ja-jp/trust-center/privacy/data-management
certification
■ Certifications held by CIMTOPS Corporation.
- Our company is ISO/IEC27001 certified.
- We apply security policies, organisations and structures, and management measures.
