Basic approach
To prevent risks which may have a major impact on management, we are working on minimizing risks in our global organization through promoting work quality improvement activities. In order to minimize damages, we report to management executives through committees and meetings set up internally including the Internal Control Committee, while responding to risks and problems at each department. We will further strengthen the system to capture risks of our global organization.
Risk management framework
Promotion system
We established various committees and meetings internally in order to implement the PDCA cycle to analyze, evaluate, and take actions against risks which may significantly affect our management. For example, we promote risk management with following committees: the Safty and Health Committee for safty and health; the Information Security Committee for information leakage risks; the Quality Function Committee for quality problems; and the Corporate Ethics Committee for risks of legal violation.
Business Continuity Plan(BCP)
We continuously review and improve our BCP, positioning major earthquakes as a priority risk.
Regarding business continuity in emergency situation such as major earthquake, we make it our basic policy to aim for minimizing material or personnel damage, supporting the restoration of local communities, and resuming our business activities swiftly. As part of the basic policy, we systematically retrofit existing plant buildings to withstand earthquakes, while conducting Company-wide emergency drills, tabletop emergency exercises, and so forth to prepare for a major earthquake in the Nankai Trough.
In an effort to advance Group-wide BCP activities, we hold BCP countermeasures meetings four times a year. As seen in the creation of an IT-BCP Subcommittee in FY2022, we make ongoing efforts to expand and raise the quality of BCP activities.
Information security
In recent years, cyberattacks have caused a greater number of problems to society, whether in the form of information leaks, data losses, or system shutdowns. In this climate, we consider it our corporate social responsibility to properly manage and safeguard all kinds of information assets—from clients' information and our confidential data to personal information—pursuant to our basic policy for information security. We recognize information security risk as important issue and comply with laws and regulations, maintain operating foundation, ensure security level and cyber security, and practice information security management.
Information security promotion framework
Content of initiatives
- Join the Toyota Group's Security Operations Center (SOC; domestic Futaba Group companies only)
- Hold an exercise for targeted e-mail attack
- Hold cyber security education through e-learning
- Promote IT-related business continuity management with protective measures against ransomware
- Strengthen the response to incidents by CSIRT*1 organization
- Comply with JAMA*3/JAPIA*4 Cybersecurity Guidelines Ver. 2.0
*3. Japan Automobile Manufacturers Association.
*4. Japan Auto Parts Industries Association.