Risk Management

Risk Management

Basic Viewpoint Concerning Risk Management

In order to forestall management crises and ensure the continuation and stable development of the business, risks for important matters related to the execution of business are evaluated and identified, deliberated at Management Meetings, and decided on by the Board of Directors.
We strengthen governance and effectively operate the internal control system on an ongoing basis, and the Risk Management Committee devises measures to deal with a variety of crises, which involves discussing precautionary measures to address general risk.
In the event of a state of emergency such as a natural disaster, accident or unforeseen incident occurring, the Company aims for important operations to continue uninterrupted, and even in the event of such interruptions taking place, for operations to resume in the shortest possible time. In order to deal with the initial stages promptly and appropriately, a Disaster Countermeasures Headquarters will be set up to devise countermeasures, and the Company implements an ongoing program of education and training in normal times.
Moreover, in order to protect our own information assets and the information assets entrusted to us by customers and suppliers from theft, falsification, damage, and leakage, and to manage them properly and securely, we have prescribed the Basic Policy on Information Security and operate it appropriately.
In addition to security measures at the system level, we seek to strengthen information security by implementing an ongoing program of education, development and training for employees, and handling information in an appropriate fashion.

Risk Management Committee

The Risk Management Committee, chaired by the executive officer in charge of the administrative division and comprising the heads of the administrative and sales divisions as members, operates as an organization closer to the front lines.

It identifies comprehensive risks, plans countermeasures, and executes those plans.By addressing risks through this company-wide cross-functional organization, we enhance the entire company's risk sensitivity while establishing a unified risk management framework. By identifying and managing potential risks during normal times, we build a system capable of swift response during emergencies.

Risk map

The Risk Management Committee evaluates the identified risks based on two axes: (1) the probability of occurrence and (2) the degree of effect on the Company, and specifies them as major risks to the Company. Each risk item is visualized in a risk map to be shared internally, and we continuously plan countermeasures according to the likelihood of occurrence and the degree of effect, and then execute and monitor the plans.

Information Security Initiatives

The information we obtain from our business partners and the know-how that we have accumulated are important information assets. In order to protect these assets from theft, falsification, damage, and leakage, and to manage them properly and securely, we have prescribed the Basic Policy on Information Security and operate it appropriately.
Information assets are classified into four levels within each organization (top secret, secret, confidential, general), and retention periods are set for both paper and digital data to ensure appropriate management.
We also thoroughly maintain confidentiality and the protection of personal information, and comply with relevant laws, regulations, and internal company regulations. System security measures include restricting external access and monitoring logs 24 hours a day, 365 days a year, and the reporting of the security status at monthly executive meetings to raise awareness within the Company and improve the initial response when incidents occur.