ESG

Information Security

Information Security

NHN delivers safe and reliable digital services by placing information security as its highest priority.

Information Security Management System

NHN operates a systematic management framework to proactively address increasing security threats and build a secure and reliable information protection environment. Centered on the Information Security Committee, NHN maintains a clear separation between its IT security operations and policy governance enabling greater specialization while continuously strengthening expertise and response capabilities across each domain.

Information Security Policies

NHN has implemented an information protection policy framework tailored to each operational domain. Policy compliance is reviewed at least once a year, with continuous evaluation and improvement of policy effectiveness. The framework is composed of top-level policies, role-specific guidelines, and detailed implementation standards, all designed to prevent information leakage through strict security principles.

Information Security Certifications

NHN has acquired certifications for its information security systems and service stability from accredited domestic and international institutions. NHN also undergoes regular assessments by national authorities to monitor, manage, and operate its data protection and security standards.

ISMS-P

Korea’s highest-level certification system for information security and data privacy

ISO/IEC 22301

International standard for Business Continuity Management Systems (BCMS)

ISO/IEC 27001, 27701, 29100

International standards for information security management, personal information management, and privacy frameworks

CSAP(Cloud Security Assurance Program) Certification [IaaS, SaaS, DaaS]

Certification required to offer secure cloud services to public institutions in Korea

ISO/IEC 27017, 27018, 27799

International standards for cloud security, personal information protection, and health data protection

CSA STAR

International cloud security certification administered by the Cloud Security Alliance (CSA)