CSR

MENU
  • HOME>
  • CSR>
  • Governance(G)>
  • Risk Management

Risk Management

SUSTAINABLE CITIES AND COMMUNITIES

Basic philosophy

With the aims of preventing risks that can have huge impacts on management and to minimize damage in the event that adverse events do occur, we are identifying risk in each function in cross-departmental meetings and making decisions on how to respond. For each type of risk in safety, quality, and other areas, the department in charge has established regulations and key points and conducts proper business management, such as implementing measures as needed based on assessments of operational status.

Risk Management and Response Guidelines have also been established. These Guidelines summarize basic matters related to risks and show the behaviors to adopt to prevent potential risks and to respond appropriately and quickly in the event that problems occur.

Crisis Management Project in anticipation of large-scale earthquake disasters

Japan is a land of earthquakes, and we have put into place a crisis management system for the event of a massive earthquake based on the principles of human life first, community support, and early recovery. Specifically, we are carrying out a Crisis Management Project to strengthen our ability to deal with disasters, focusing on the two areas of developing and enhancing first responses and clarifying response procedures for quick restoration of production. Since 2013 we have conducted resilience training more than 80 times for directors and members of anti-disaster departments, based on the idea that in addition to infrastructure and system measures, improving the skills of response personnel is essential. We have also established specific procedures for the recovery of affected buildings, facilities, and processes and for alternative production in a production recovery system. Recovery training for design drawings and other data is also carried out so that product development can be continued even after disasters. In addition, workshops to strengthen crisis management not only in our own companies but also at affiliates and suppliers are conducted regularly. Assessments using “anti-earthquake measures implementation status check sheets,” clarification of weak points with graphs, introduction of responses taken at Toyoda Gosei and other companies, and cooperative preparation of business continuation plans are carried out.

■Efforts to date
Classification Measures
Facility and equipment measures
  • Earthquake resistance measures for buildings and facilities
  • Establishment of a disaster prevention center to serve as an operations base for anti-disaster department operations
  • Equipping all locations with a multi-channel access radio system (which is used in Japan for various purposes, from daily work to emergency and disaster situations) and satellite phones
  • Installment of a crisis management server (earthquake-resistant structure) and emergency power generators
  • Operation of a disaster recovery system for restoration of damaged systems and data centers (special facilities equipped with and operating computers, data communications, and other devices)
System measures
  • Introduction of site and building safety decisions
  • Maintenance of supply chain information
  • Teleconference system for multiple locations using tablet computers
  • Earthquake bulletin and employee safety information system training
  • Employee safety follow-up system incorporating arrival and departure times at company and business trip data
  • Preparation of a business continuation plan
■Disaster response
Disaster response
Strengthening information security measures and raising awareness

To strengthen the control of confidential information, annual checks of the compliance status of each division based on company confidentiality management regulations are conducted together with onsite audits. Self-inspections are also done at Group companies in Japan and affiliates in other countries. Confidentiality officers are assigned in all departments, and confidentiality education activities are conducted based on information system security operating standards and a confidential information management manual. Security control education is also conducted for new employees.

■Enhanced measures
Classification Measures
Prevention
of leaks from
negligence		 Hard
  • Printing restrictions with ID card authentication on multifunction machines, dedicated drawing printers
Soft
  • Data encryption of all PCs
  • Security measures when sending emails out of the company (cc to superiors, encryption of attached files)
Prevention
of malicious
unauthorized leaks		 Hard
  • Increased surveillance cameras
  • Installation of wire locks for prevent PC theft
  • Restrictions on writing onto external storage media
Soft
  • Confidentiality pledge
  • Stricter applications for removing items from premises
  • Restricted file server access
  • System use records
  • Strengthened hacking prevention measures (Internet)
  • Prevention of unauthorized connection of terminals brought in from outside
Educational activities (ethics)
  • New employee education
  • Companywide security control voluntary inspections using check sheets
  • On-site checks of each department
  • Training in responding to standard email