Risk Management System
To address various risks with potentially significant management impacts, the UACJ Group advances risk management in CSR Committee meetings convened to formulate appropriate policies under the chairmanship of the president of UACJ and with participation by all executive officers and the presidents of the primary affiliated companies. Environmental, safety and health, quality, information security, export management, and other risks common to all UACJ Group members are appropriately addressed in accordance with rules that apply to all Group members and rules that are specific to individual Group members. Risks that are unique to individual business units are managed by those units with risk-aversion/reduction measures.
Among risks affecting Group operations, the most serious are deemed “high-priority risks.” For these risks, an executive officer is appointed to take ownership and advance measures for the Group as a whole.
Enhancing Group risk management
When conducting risk management, UACJ has been carefully identifying business-related risks at the divisional level while taking measures for averting and mitigating those risks. In fiscal 2019, the Company established a new risk management working group in its Legal Affairs Department for the purpose of enhancing its risk management overall, including assessing risks uniformly across the Group and implementing a plan-do-check-act (PDCA) cycle.
Toward those ends, the working group conducted a group-wide risk assessment using a uniform set of indicators. Applying a combined top-down and bottom-up approach, the working group specified 138 risk factors that could potentially interfere with the achievement of business plans, and assessed each one from both operational and functional perspectives. Priority risks for the UACJ Group as a whole were determined based on the results of the assessment, and a PDCA cycle is being implemented on group-wide scale in order to reduce the possibility of those risks materializing.
In April 2020, the risk management working group was integrated into the Manage Strategies Department to further strengthen the Group’s risk management by enhancing coordination with management strategies.
BCP (Business Continuity Plan)
UACJ is working to develop a business continuity plan (BCP) that would allow it to continue to provide products and services, or enable the rapid restoration of these activities, in the event of a major earthquake, widespread emergence of infectious disease, or other emergency situation.
Response System for Major Earthquakes and Other Disasters
In preparation for an earthquake, fire, or other such disaster, UACJ has built a response system that provides for the safety of employees, minimizes damage by preventing secondary disasters, and speeds recovery.
At a more specific level, we have implemented employee safety confirmation systems, established an emergency contact network, and are equipping business locations with emergency radio equipment. Employee safety confirmation systems have now been implemented in all Group companies in Japan, and emergency radio equipment has been introduced in all of the 20 companies and 49 locations comprising the main business locations in Japan.
In fiscal 2019, we again reviewed communications channels, reporting methods, and other aspects of our disaster response system and took steps to strengthen them where necessary.
To help ensure our ability to act swiftly and reliably in times of emergency, we regularly conduct training exercises at individual business locations. In October 2019, training focused on the establishment of a disaster response headquarters was conducted at the Company's headquarters.
Everyone, including the chairman, president, all other executives working at the headquarters, and all 300 or so rank-and-file employees participated in this exercise, in which we tested skills in setting up, operating, and breaking down a disaster-response headquarters; and fighting fires. Training for responding to a power outage was also conducted.
Disaster response initiatives tailored to circumstances at individual business locations are also being taken. The Nagoya Works provides a particularly good example. Lying in an area specifically addressed by the Large-Scale Earthquake Countermeasures Law, this facility has been steadfast in taking steps such as seismically reinforcing the works’ main structure, securing evacuation routes, installing early warning devices, and setting aside disaster supplies. At the same time, it has prepared an earthquake preparedness manual, which serves as the basis for annual comprehensive preparedness training for a possible earthquake and tsunami.
Disaster-Response Training by Business Location
|Business Location||Training Conducted|
|Headquarters||Firefighting, safety confirmation, evacuation, emergency life-saving, setting up a disaster-response headquarters, radio communications|
|Nagoya Works||Comprehensive training for responding to a major earthquake (and tsunami) in the Nankai Trough (Setting up a disaster-response headquarters, evacuation, safety confirmation, radio communications, emergency life-saving, use of firefighting equipment, etc.)
Safety confirmation, radio communications, joint training with local community members
|Fukui Works||Comprehensive disaster-response training (Setting up a disaster-response headquarters, evacuation, safety confirmation, radio communications, firefighting, using stretchers to transport injured people, prevention of secondary disasters, etc.)
Safety confirmation, radio communications, AED training class.
|Fukaya Works||Comprehensive disaster-response training (Setting up a disaster-response headquarters, evacuation, safety confirmation, firefighting, emergency life-saving, etc.)
Safety confirmation, radio communications
|Nikko Works||Comprehensive disaster-response training, firefighting at individual worksites, AED instruction, safety confirmation, radio communications|
Strengthening Information Security
The UACJ Group has designated the strengthening of information security as one of its top risk management priorities. In fiscal 2019, we have designated risk owners to lead information security strengthening efforts. The Information Systems Department has been placed in charge of information security and cyber security; the Engineering Department, in charge of technical information management; and the Legal & General Affairs Department, in charge of personal information protection. In addition, the Information Systems Department and Internal Auditing Department collaborate in checking the information security systems of each Group company once a year.
Efforts to Prevent Information Leaks due to Human Error
To greatly reduce the possibility of an information leak from a PC that is taken outside of company premises, we have employees use PCs that are thin clients and have made it impossible to attach USB memory sticks or other memory devices to them. Furthermore, email file attachments are encrypted and the particularly sensitive information handled by the Research & Development Division cannot be electronically transmitted without the authorization of a supervisor.
Personal Information Protection
TThe UACJ Group obtains, and uses, personal information from executives, employees, retirees, and their family members; and from customers, people who send us inquiries over the internet or by other means, and people who respond to our surveys or with whom we come into contact under other circumstances at trade shows and other events. To properly handle this personal information, we have formulated the UACJ Group Basic Policies on Personal Information Protection and comply with Japan’s Personal Information Protection Law and the personal information protection laws and regulations of other countries.
We have also researched the legislative directions concerning relevant laws in Thailand and other foreign countries.