Approach to Risk Management
We believe that risk management is a fundamental of business management and an essential feature for a corporation. We are striving to achieve business-worthy risk management by creating a comprehensive, functional, and effective risk management framework. We are striving to identify, foresee and forestall risks, and minimize the harm from any crises that occur.
Risk Management Framework
Our group formulates the risk management rules as rules concerning risk management and has prepared a framework for carrying out risk management through the CSR Committee (Secretariat: Department of CSR Initiatives), which is chaired by the President & Representative Director.
The CSR Committee assesses information related to risks across the company as a whole, and selects and monitors important risks. It provides instructions and advice to the relevant divisions, and discusses and makes decisions on the management of risks that become apparent. The committee also reports regularly on the situation to the Board of Directors. Moreover, we have adopted a Risk Management System and follow PDCA management (plan, do, check, act) so that we can uniformly track the risks inside the group and achieve risk management for the corporate as a whole.
Dealing with Important Risks
Each year, the CSR Committee selects important risks and then monitors changing circumstances and the progress etc. of countermeasures for these selected important risks each quarter.
See the list of important risks below for important risks that were selected in FY2024 and in the past.
Example of dealing with important risks: earthquakes and other disasters
As an example of risk response activities, to respond to earthquakes and other disasters, which were identified as an important risk in FY2021, disaster drills are being conducted at different locations with a view to putting the safety of our employees first and to restore operations promptly in the wake of a disaster.
Business Continuity Plan (BCP)
To prepare for emergency situations such as natural disasters and infections, our group has established and operates a business continuity plan (BCP) that will secure all human lives including those of our employees while also fulfilling our responsibility to supply products to customers by means of swiftest possible business recovery.
Specific activities include the development of emergency response manuals, seismic strengthening of our plants, storing of food and drinking water reserves, establishment of in-house fire brigades, conduct of evacuation training, and carrying out training on our safety confirmation system. We also conduct BCP training simulating earthquakes twice each year at Takatsuka Unit and Akita Unit.
In FY2023, BCP training was conducted in anticipation of natural disasters (earthquakes, etc.) and cyberattacks which have been increasing in recent years.
The BCP manual is also inspected once per year and any erroneous items are revised.
Basic policy for business continuity plans (BCPs)
- Give the highest priority to the lives and safety of everyone on company premises.
- In order to fulfill our supply responsibilities to our customers, take preventive measures that anticipate the risk of disaster, and focus primarily on recovering from disaster in the shortest period of time.
- Cooperate with neighboring regions and local governments to provide as much assistance as possible.
Disaster drill at the Takatsuka Unit
Information Security Measures
Today, the use of information is an important management issue for a company's existence and sustainable growth. At the same time, the importance of information security is increasing, with cyberattacks becoming more sophisticated and complex each year.
To prevent the leakage of confidential information and prepare for cyberattacks, our group has formulated information security guidelines for our subsidiaries and affiliated companies. We strive for thoroughness in information security measures, including conducting regular information security education aimed at raising employees' awareness about information security.
In FY2021, we formulated our IT-BCP aimed at the maintenance or early recovery of IT systems necessary for business continuity even during emergencies.
In addition, since FY2022, we have been conducting emergency response drills for IT incidents every year to strengthen our deterrence and prevention systems against cyberattacks.
Going forward, we will continue to undertake information security risk prevention and mitigation according to the changes of the times.