We have organized a Risk Management Committee in order to manage the risks that affect our Group, and in order to address the various risks attendant upon our business activities, we have formed an internal system for risk management through which we run a cycle of risk assessment, risk reduction measure implementation, and reporting to the Risk Management Committee and executive committees.

Our Group classifies business risks into high priority and priority risks and establishes departments to manage these two types of risks. The risk management departments work with the Group companies to oversee the risk management concerning said risks and regularly report on the management status of the risks to the Risk Management Committee.

Risk management committee (members)

IT Management Subcommittee

Under the Risk Management Committee, we have established the IT Management Subcommittee to promote cross-divisional information management measures. In addition to establishing company-wide policies and overseeing initiatives to prevent information leaks and inappropriate inflows, the IT Management Subcommittee conducts surveys of the current cybersecurity status of affiliated companies to assess the actual state of not only the technical aspects but also the development of management rules, education of system users, and a wide range of other areas to improve the security level of the entire Group by providing the appropriate advice.

Information management subcommittee (Organizing members)

Organizational position of the IT management subcommittee

Employee Training on Cyberattacks

IIn FY2023 the Information Management Subcommittee undertook efforts in the four areas of awareness-raising activities, monitoring, maintenance of regulations, and information gathering. In addition to advancing measures such as participating in the activities of the Nippon CSIRT Association, educating employees through the “Cybersecurity Newspaper”, targeted email training, and detecting compromising radio emanations etc. we are also establishing regulations and strengthening our operational system for responding to incidents when they occur.

BCP Initiatives

-Raise Awareness of BCP through Initial Action Drills-

We have created a Business Continuity Plan (BCP) in the event of a disaster such as a large-scale earthquake and in addition to disaster prevention drills and BCP drills for each business site, we are conducting BCP initial response drills that simulate various disasters in each factory. These activities begin with procedures for confirming the safety of employees in the event of an earthquake, followed by decisions on prioritization and methods of recovery work in the event that the plant is damaged, and securing the necessary personnel. In addition, we are working to upgrade the entire Group by assessing the actual state of BCP levels for natural disasters at affiliated companies and reviewing issues.