Risk Management

Risk Management

Basic Viewpoint Concerning Risk Management

In order to forestall management crises and ensure the continuation and stable development of the business, risks for important matters related to the execution of business are evaluated and identified, deliberated at Management Meetings, and decided on by the Board of Directors.
We strengthen governance and effectively operate the internal control system on an ongoing basis, and the Risk Management Committee devises measures to deal with a variety of crises, which involves discussing precautionary measures to address general risk.
In the event of a state of emergency such as a natural disaster, accident or unforeseen incident occurring, the Company aims for important operations to continue uninterrupted, and even in the event of such interruptions taking place, for operations to resume in the shortest possible time. In order to deal with the initial stages promptly and appropriately, a Disaster Countermeasures Headquarters will be set up to devise countermeasures, and the Company implements an ongoing program of education and training in normal times.
Moreover, in order to protect our own information assets and the information assets entrusted to us by customers and suppliers from theft, falsification, damage, and leakage, and to manage them properly and securely, we have prescribed the Basic Policy on Information Security and operate it appropriately.
In addition to security measures at the system level, we seek to strengthen information security by implementing an ongoing program of education, development and training for employees, and handling information in an appropriate fashion.

Risk Management Committee

The Risk Management Committee, which is chaired by an Officer in charge of management and whose membership consists of the General Manager of the Management Division and the General Manager of the Business Planning Division, pinpoints comprehensive risks, plans countermeasures, and executes plans as an organization that is in closer proximity to on-site operations.
By taking action serving as a company-wide organization, the Committee seeks to enhance sensitivity to risk throughout the Company while establishing a risk management framework.
The Committee serves as a framework for enabling swift action in the event of emergency by assessing and managing potential risk at hand during normal times.

Risk map

The Risk Management Committee evaluates the identified risks based on two axes: (1) the probability of occurrence and (2) the degree of effect on the Company, and specifies them as major risks to the Company. Each risk item is visualized in a risk map to be shared internally, and we continuously plan countermeasures according to the likelihood of occurrence and the degree of effect, and then execute and monitor the plans.

Information Security Initiatives

The information we obtain from our business partners and the know-how that we have accumulated are important information assets. In order to protect these assets from theft, falsification, damage, and leakage, and to manage them properly and securely, we have prescribed the Basic Policy on Information Security and operate it appropriately.
Information assets are classified into four levels within each organization (top secret, secret, confidential, general), and retention periods are set for both paper and digital data to ensure appropriate management.
We also thoroughly maintain confidentiality and the protection of personal information, and comply with relevant laws, regulations, and internal company regulations. System security measures include restricting external access and monitoring logs 24 hours a day, 365 days a year, and the reporting of the security status at monthly executive meetings to raise awareness within the Company and improve the initial response when incidents occur.