Governance

Risk Management & BCP

  1. HOME
  2. Sustainability
  3. Environment, Society & Governance (ESG)
  4. Risk Management & BCP

Risk Management Promotion System

The Corporate Governance Code revised in June 2021 stipulates that the Board of Directors should develop a company-wide risk management structure as its responsibility.
In order to respond to changes in the environment surrounding management and various risks, we are strengthening our promotion system and its initiatives as part of company-wide risk management.

Specifically, we continue to analyze business risks in advance, identify risks that could have a significant impact on management, prevent them from occurring, and minimize their impact in the event of a major incident.

Organization of the Board of Directors, Sustainability Committee, and Governance Committee

Risk Management Activity Cycle

We define risks as factors that may have an impact on the corporate value of the Group, and identify risks related to the entire company in terms of “strategic risks” and “company-wide risks,” and evaluate them in terms of “impact” and “likelihood of occurrence.” In addition to the results of this evaluation, we determine the priority risks that should be managed, taking into account management strategies, business issues, and perspectives on the external risk environment.
For priority risks, we continue to implement the PDCA cycle, including implementation of countermeasures, monitoring, and identification of areas for improvement, in order to minimize risks.

Image of PDCA

Specific initiatives

BCP (Business Continuity Plan)

In response not only to large-scale natural disasters such as earthquakes and floods in the areas where the Company and its group companies are located, but also to various risks surrounding the Company such as infectious diseases and supply chains, the Company has established a system for specific risks such as verifying the safety of employees and equipment failure, placing the highest priority on human life, contributing to the recovery of the region, and promptly resuming production.

Flow of Major Disaster BCP
Disaster prevention and reduction, Education and training, Inspection, Stockpiling, and other preparatory measures are taken. Evacuation and taking attendance, Initial fire extinguishing , Information gathering, and other initial responses are triggered during a disaster. Establishment of a Task force , Recruiting personnel, Infrastructure and production , and other recovery countermeasures are deployed within 12 hours of the event. Completion of recovery is targeted for within 30 days of the disaster.

Information security

We recognize that the information we hold on technology and sales is a valuable asset and foundation of the Company, and that the appropriate management and prevention of leaks of information related to customers and business partners is an important responsibility of the Company.
Under the Confidentiality Management Regulations, we have established an information security promotion system and are strengthening our efforts not only in terms of hard measures, such as the introduction of systems, but also in terms of soft measures, such as employee education and awareness and the maintenance of related regulations, in order to appropriately utilize and protect the information assets held by the Company.

Main Hard Initiatives Main Soft Initiatives
  • Introduction of network monitoring structure security monitoring center
  • Vulnerability countermeasures for servers and client PCs
  • Introduction of EDR for early detection and response to cyber attacks
  • E-learning to raise security awareness
  • Targeted e-mail attack drills
  • Security incident response drills

We are also working with domestic and overseas Group companies to continuously improve the level of security measures throughout the Aisan Group.

Return to ESG top