Risk Management

  • twitter
  • facebook
Listen to this page

We are constructing a comprehensive system for preventing the realization of all types of risks.

Risk Management System

UACJ identifies business risks and takes measures to avoid or mitigate them.

Enhancing risk management

When conducting risk management, UACJ has been carefully identifying business-related risks at the divisional level while taking measures for averting and mitigating those risks. In fiscal 2019, the Company established a new risk management working group in its Legal Affairs Department for the purpose of enhancing its risk management overall, including assessing risks uniformly across the Group and implementing a plan-do-check-act (PDCA) cycle.

Toward those ends, the working group conducted a group-wide risk assessment using a uniform set of indicators. Applying a combined top-down and bottom-up approach, the working group specified 138 risk factors that could potentially interfere with the achievement of business plans, and assessed each one from both operational and functional perspectives. Priority risks for the UACJ Group as a whole were determined based on the results of the assessment, and a PDCA cycle is being implemented on group-wide scale in order to reduce the possibility of those risks materializing.

BCP (Business Continuity Plan)

UACJ is working to develop a business continuity plan (BCP) that would allow it to continue to provide products and services, or enable the rapid restoration of these activities, in the event of a major earthquake, widespread emergence of infectious disease, or other emergency situation.

Response System for Major Earthquakes and Other Disasters

In preparation for an earthquake, fire, or other such disaster, UACJ has built a response system that provides for the safety of employees, minimizes damage by preventing secondary disasters, and speeds recovery.

At a more specific level, we have implemented employee safety confirmation systems, established an emergency contact network, and are equipping business locations with emergency radio equipment. Employee safety confirmation systems have now been implemented in all Group companies in Japan, and emergency radio equipment has been introduced in 20 of 49 business locations in Japan, with installations completed for all of the main locations.

In fiscal 2018, we reviewed communications channels, reporting methods, and other aspects of our disaster response system and took steps to strengthen it where necessary.

To help ensure our ability to act swiftly and reliably in times of emergency, we regularly conduct training exercises at individual business locations. In October 2018, training focused on the establishment of a disaster response headquarters was conducted at the Company's headquarters.

Everyone, including the chairman, president, all other executives working at the headquarters, and all 300 or so rank-and-file employees participated in this exercise, in which we tested skills in setting up, operating, and breaking down a disaster-response headquarters; and fighting fires. Training for responding to a power outage was also conducted.

Disaster response initiatives tailored to circumstances at individual business locations are also being taken. The Nagoya Works provides a particularly good example. Lying in an area specifically addressed by the Large-Scale Earthquake Countermeasures Law, this facility has been steadfast in taking steps such as seismically reinforcing the works’ main structure, securing evacuation routes, installing early warning devices, and setting aside disaster supplies. At the same time, it has prepared an earthquake preparedness manual, which serves as the basis for annual comprehensive preparedness training for a possible earthquake and tsunami.

Disaster-Response Training by Business Location

Business Location Training Conducted
Headquarters Firefighting, safety confirmation, evacuation, emergency life-saving, setting up a disaster-response headquarters, radio communications
Nagoya Works Comprehensive training for responding to a major earthquake in the Nankai Trough (Setting up a disaster-response headquarters, evacuation, safety confirmation, radio communications, emergency life-saving, use of firefighting equipment, etc.)
Safety confirmation, radio communications
Fukui Works Comprehensive disaster-response training (Setting up a disaster-response headquarters, evacuation, safety confirmation, radio communications, firefighting, using stretchers to transport injured people, etc.)
Safety confirmation, radio communications, AED training class.
Fukaya Works Comprehensive disaster-response training (Setting up a disaster-response headquarters, evacuation, safety confirmation, firefighting, emergency life-saving, etc.)
Safety confirmation, radio communications
Nikko Works Comprehensive disaster-response training, firefighting at individual worksites, AED instruction, safety confirmation, radio communications

Strengthening Information Security

UACJ has designated the strengthening of information security as one of its top risk management priorities. In fiscal 2019, we have designated risk owners to lead information security strengthening efforts. The Information Systems Department has been placed in charge of information security and cyber security; the Engineering Department, in charge of technical information management; and the Legal Affairs Department’s Risk Management Group, in charge of personal information protection. In addition, the Information Systems Department and Internal Auditing Department collaborate in checking the information security systems of each Group company once a year.

Efforts to Prevent Information Leaks due to Human Error

To greatly reduce the possibility of an information leak from a PC that is taken outside of company premises, we have employees use PCs that are thin clients and have made it impossible to attach USB memory sticks to these devices. Furthermore, email file attachments are encrypted and the particularly sensitive information handled by the Research & Development Division cannot be electronically transmitted without the authorization of a supervisor.

Personal Information Protection

The UACJ Group obtains, and uses, personal information from employees, executives, retirees, and their family members; and from customers, people who send us inquiries over the internet, and people who respond to our surveys at trade shows and other events. To protect this personal information, we have formulated the UACJ Group Basic Policies on Personal Information Protection and comply with Japan’s Personal Information Protection Law and the personal information protection laws and regulations of other countries. In fiscal 2018, we revised our privacy policies and rules on handling personal information to ensure compliance with the EU’s General Data Protection Regulation (GDPR), which took effect in 2018.

In fiscal 2019, we will take steps to confirm compliance with both Japanese laws and the GDPR, and consider matters related to personal information protection laws in Thailand and other countries.