• 2016.6.3

    NANAROQ entered into Distributor Agreement for the first time in Japan with Aruvio Inc. of US and will launch sales of cloud-based GRC (Governance, Risk and Compliance) service, “Aruvio GRC”

    NANAROQ Inc. (HQ located in Chiyoda-ku, Tokyo, Japan, President and CEO: Mr. Yoshikazu Sasaki, “NANAROQ”) entered into Distributor Agreement for domestic market with Aruvio, Inc. of US (HQ located in Atlanta, Georgia, CEO: Palaniswamy Rajan, “Aruvio”) and will launce sales of cloud-based GRC (Governance, Risk, Compliance) service, “Aruvio GRC” on June 3rd, 2016.

    There are trends that corporates try to increase their global market shares, that M&A becomes more common, that international regulations become stricter and that corporates wish to establish corporate governance. As a result, so-called GRC (Governance, Risk, Compliance), which is to establish and clarify risk management policy (Governance), to conduct risk management in accordance with the established polity (Risk), to monitor whether or not such risk management is conducted at each site according to the established policy (Compliance) and to manage GRC in a structured and integrated manner, started to draw attention in global scale.
    NANAROQ, a pioneer of GRC in Japan, started to handle GRC solution as early as in 2009 and has managed to successfully expand its GRC related business.
    NANAROQ is currently offering solutions in four areas, i.e., G, R, C plus S (Security).
    In recent years, the role of information system in corporate management becomes increasingly important and at the same time risks associated with information system also have increased year by year. Therefore, there is a strong demand today to use GRC tool for information security. It is important to create a structure to visualize security risk, to perceive state of corrective actions and to take prompt remedial actions when incidents are identified. With this background, NANAROQ decided to launce sales of “Aruvio GRC”, offering superior features in information system, IT and GRC solutions.

    ■Features of “Aruvio GRC”
    Aruvio has been offering easy-to-use and cost-effective cloud-based GRC solution since 2012.
    More than 900 regulations and standards are loaded on "Aruvio GRC". By incorporating controls into common controls framework, management cost and required workload can be much reduced.
    "Aruvio GRC" platform is the comprehensive solution offered on cloud platform of US (Japanese Branch: Co.,Ltd., Head Office is located in Chiyoda-ku, Tokyo, CEO: Mr. Shinichi Koide) featuring cloud-based compliance management, policy and training management, risk management, incident management, third party risk management, and outsourcing contractor risk management. "Aruvio GRC" provides flexible solutions to various needs from small scale businesses to large-scale enterprises.

    ■Outline of NANAROQ solutions and usage examples

    Possible to use NANAROQ solutions for risk management in CSIRT activities

    NANAROQ is specialized in GRC and provides information security consulting service. By utilizing its knowhow and accumulated knowledge, and by offering “Aruvio GRC”, that is a solution to manage information assets and their related risk, NANAROQ realizes unified management to efficiently collect information required for preventive measures in CSIRT and information related to risks and controls, which lead to effective remedial measures at the time of incidents occurrence.
    Also, “Aruvio GRC” may be used to effectively conduct 10 major items in “Cybersecurity Management Guideline” announced on December 28, 2015 by Ministry of Economy, Trade and Industry by integrated risk management and by creating information dashboard.

    ■Quote for Press Release
    “Aruvio is proud to partner with NANAROQ Inc. as our GRC consulting partner in Japan. Given their history and depth of experience in implementing GRC solutions, we believe the combination of Aruvio’s platform with NANAROQ’s team of information security and GRC consultants will provide a powerful solution for companies looking to improve their governance, risk, and compliance programs, said Palaniswamy “Raj” Rajan, CEO of Aruvio.

    ■About Aruvio
    Aruvio’s continuous GRC solution improves the efficiency and consistency of all business processes and decisions related to corporate governance, risk, compliance, policy, auditing, third-party, vendor, incident, and reporting management foundational to building defensible, systematic, and centralized GRC programs.
    Aruvio’s continuous GRC solution provides the right foundation for automating your compliance programs with the design goal of simplification first. Aruvio is built on’s platform with powerful enterprise-class for multi-program capabilities; flexibility, scalability, reliability, extendibility, mobility. Aruvio’s approach provides for scaling your GRC capabilities as you need; at a fraction of the professional services costs and custom development time required to configure, implement, and extend other enterprise GRC platforms. Aruvio is headquartered in Atlanta, Georgia. Please visit for more information.

    *1 Salesforce App Cloud: Salesforce App Cloud is the name of the integrated platform of Salesforce. It is the platform to develop, implement and control Salesforce application.

  • 2016.2.12

    NANAROQ Group launches new service as PCI DSS Qualified Security Assessor for the payment card industry.

    On February 1, 2016, SHIMPLA PTE LTD (principal office in Singapore, CEO: Yoshikazu Sasaki, “SHIMPLA”), a wholly owned subsidiary of NANAROQ Inc. (principal office in Chiyoda-ku, Tokyo, CEO: Yoshikazu Sasaki, “NANAROQ”), became certified as Qualified Security Assessor (QSA) of PCI DSS (Payment Card Industry Data Security Standard).
    Concurrently, NANAROQ Group will enhance PCI DSS related services.

    PCI DSS is the data security standard jointly developed by five international card companies (American Express/Discover/JCB International/MasterCard/VISA) to protect card data such as credit card and debit card.
    In U.S., compliance with PCI DSS in some states has become legislated and is mandatory.
    In Japan, with an aim to realize the world safest card transactions, Ministry of Economy, Trade and Industry and its auxiliary organization, Japan Consumer Credit Association promote the compliance with PCI DSS.
    Furthermore, a frequent occurrence of card data leak and the emergence of new type settlement service force card companies, member stores and settlement agents to obtain certification of PCI DSS.
    NANAROQ, as a member of steering committee of Japan Card Data Security Consortium, has been promoting the spread of PCI DSS.

    SHIMPLA, as a Qualified Security Assessor, provides its services not only in Japan but for the entire Asia-Pacific region.
    NANAROQ Group will provide one-stop service for PCI DSS from providing consulting service for PCI DSS full compliance to obtaining certification of PCI DSS.
    By best utilizing the accumulated knowhow and knowledge on PCI DSS and by coordinating with SHIMPLA as Qualified Security Assessor, NANAROQ will provide the most effective support services while maintaining independency of a consulting service provider.

    ■Features of NANAROQ PCI DSS related services
    -Provide a total service from providing support for full compliance with PCI DSS to obtaining the certification in the entire Asia-Pacific region.
    -Realize effective documentation using NANAROQ documentation templates.
    -Multi-language support in Japanese, English and Chinese.
    -Consultant engaged for spread of PCI DSS in Japan since 2008.
    -Cloud-based service allowing for reduction in man-hour to obtain and to maintain the certification.
    -Ability to support acquisition of other certifications such as VISA PIN Security (performed in more than 10 Asia-Pacific countries) concurrently with acquisition of PCI DSS certification.

  • 2015.12.17

    Notice of Corporate Site Renewal

    NANAROQ Inc. would like to announce that we have renewed our corporate site.
    The design and configuration of our site are renewed thoroughly where you can understand our business and service better.
    We aim to further enhance the content so that it becomes an easier-to-use website for everyone.