Risk Management

Basic approach

To prevent risks which may have a major impact on management, we are working on minimizing risks in our global organization through promoting work quality improvement activities. In order to minimize issues, we report to management executives through committees and meetings set up internally including the Internal Control Committee, while responding at each department. We will further strengthen the system to capture risks of our global organization.

Risk management framework

Promotion system

We established various committees and meetings internally in order to implement the PDCA cycle to analyze, evaluate, and take actions against risks which may significantly affect our management. For example, we promote risk management with following committees: the Safty and Health Committee for safty and health; the Information Security Committee for information leakage risks; the Quality Function Committee for quality problems; and the Corporate Ethics Committee for risks of legal violation.

Business Continuity Plan（BCP）

We formulate our BCPs with a basic policy to aim to minimize material and human damage, support the restoration of local communities, and resume our business activities swiftly in the event of emergency situations such as major earthquakes. With "human life first" as the first priority, we take physical countermeasures, including preparing primary evacuation sites inside plant buildings (such as providing shelters against falling objects), while conducting company-wide emergency drills to prepare for a major earthquake in the Nankai Trough. As part of emergency drills, we conduct tabletop emergency exercises which simulate initial response after a disaster including Group companies in Japan. We also maintain and revise our BCPs and manuals on an ongoing basis. In an effort to advance effective Group-wide BCP activities, we hold quarterly BCP countermeasures meetings. By sharing best practices in the formulation and operation of BCPs at plants, we continue to work to raise the overall quality of our BCPs.

Information security

In recent years, cyberattacks have caused a greater number of problems to society, such as information leaks, data losses, and system shutdowns. In this climate, we consider it our corporate social responsibility to properly manage and safeguard all kinds of information assets--from clients' information and our confidential data to personal information--pursuant to our basic policy for information security. We recognize information security risk as important issue and comply with laws and regulations, comply with laws and regulations, maintain operating foundation, ensure security level and cyber security, and practice information security management.

Information security promotion framework

Content of initiatives

Join the Toyota Group's Security Operations Center (SOC; domestic Futaba Group companies only)
Overseas group companies are gradually joining the SOC services in accordance with the standards of each country, with implementation expected at all locations by FY2025
Hold an exercise for targeted e-mail attacks
Hold cybersecurity education through e-learning
Promote IT-BCP with protective measures against ransomware
Strengthen the response to incidents by CSIRT^*1 organization
Comply with JAMA^*3 /JAPIA^*4 Cybersecurity Guidelines Ver. 2.2
Conducting security awareness activities for suppliers, introducing solutions, and implementing IT-BCP training

*3 JAMA: Japan Automobile Manufacturers Association.

*4 JAPIA: Japan Auto Parts Industries Association.