Risk Management System
The Hitachi High-Tech Group regards as risks any events or problems that may significantly interfere with achieving its business goals. To increase its corporate value, the Company has developed a system to detect and control the risks appropriately.
Basic Approach
The risks involving the Group’s transactions, investments, M&A and other business activities are prevented and controlled through deliberations by its Board of Directors, Executive Committee and other bodies, and through the approval process based on the Rules of the Board of Directors and the Decision-Making Standards, etc.
Further, the Company has established Risk Management Rules governing operational risks and has developed a system where responsible divisions detect and control operational risks appropriately. Operational risks are risks involving regulatory compliance, including prevention of bribery, antitrust laws, and prevention of antisocial transactions, as well as risks involving labor, intellectual property, imports and exports, procurement, sales, information security, financial reporting, the environment, quality and safety etc. With regards to operational risks, the Internal Control Management Committee, chaired by the Chief Risk management Officer (CRO), oversees its subcommittees, namely, the J-SOX Committee, the Compliance Committee, the Information Security Committee and the Environmental Committee. And the subcommittees issue instructions to responsible divisions on measures to address and prevent the respective operational risks for which each committee is responsible.
The Company is also moving forward with measures for business continuity management (BCM).
Internal Control Management Committee
The Internal Control Management Committee manages the risks facing the Group through the reports of the activities of its four subcommittees (the J-SOX Committee, the Compliance Committee, the Information Security Committee and the Environmental Committee) and the result of responses by the departments in charge. The Committee also assesses and examines operational status of internal control systems, including important decision-making processes, and reports to the Board of Directors, as well as proposes revisions of the details of resolutions related to internal control systems to the Board of Directors in response to changes in the management environment.
J-SOX Committee
To ensure the reliability of financial reports, the Group created a system of evaluations by management based on policies determined by the J-SOX Committee pursuant to standardized Hitachi Group measures to maintain compliance with the internal control and reporting systems specified in the Financial Instruments and Exchange Act and confirms the effectiveness of internal control on a consolidated basis.
Compliance Committee
The Group has established the Compliance Committee, which meets regularly to discuss, on a Company-wide basis, the status of compliance risks, plans for countermeasures to reduce the risks, and the status of implementation of such measures. The Group categorizes those risks into several types, and assigns specific divisions to envisage and evaluate the risks accordingly. Each division reports the status of assigned risks and plans for countermeasures to the Compliance Committee. If a compliance related incident occurs, the Company will hold an ad hoc meeting to determine the facts, trace the causes, take corrective measures and discuss how to prevent recurrence. In addition, the heads of business groups, branch offices, and Group companies appoint Compliance Managers for their respective organizations. The Compliance Managers manage the compliance system of their respective organizations by constructing compliance systems within their respective organizations, implementing compliance measures and reporting to the Compliance Committee.
Information Security Committee
The Group is aware that efforts to maintain information security are a high priority, and has developed regulations to facilitate such efforts, while also ensuring awareness among all of its employees. The Information Security Committee was established to promote information security management systems. It is conducting a range of activities in accordance with the Three Principles to Prevent Leaks of Confidential Information* as a united company, from management to employees.
* Three Principles to Prevent Leaks of Confidential Information
- As a rule, it is forbidden to take confidential information outside the Company.
- Approval must always be received from a confidential information manager before confidential information is taken outside the Company due to business necessity.
- If confidential information is taken outside the Company due to business necessity, necessary and appropriate measures must be implemented to prevent the leaking of information.
Environmental Committee
The Group established the Environmental Committee to conduct operational management and improvement in environmental activities at business sites. It also aims to minimize environmental risks, including risks related to chemical substances contained in products. In addition, the Environmental Strategy Promotion Subcommittee and the Global Environment Sales Subcommittee operate under the Environmental Committee, creating a system in which we can conduct and manage overall environmental activities more precisely.
Business Continuity Plan (BCP)
To ensure that the supply of products and services and other such operations continue uninterrupted even in the event of a natural disaster or other risk, and in the event that operations are interrupted, to resume business activity as quickly as possible, Hitachi High-Tech Group is working to enhance its BCP, which focuses primarily on important products and operations which have a significant social and economic impact.
Hitachi High-Tech Group has established a BCM Committee to maintain and enhance the Group’s ability to respond to business continuity issues and strengthen collaboration within the Group. We conduct virtual drills designed to enhance initial response, develop double-track manufacturing sites, and increase effectiveness in the event of an emergency. To address the case of infectious diseases such as new strains of coronavirus, the Committee has also published the Business Continuity Plan to Counter Infectious Disease (Pandemic), which is grounded on basic policies and presents an organized view of specific behavior standards in the event of a global pandemic. BCPs have been formulated to support all operations.
To ensure that manufacturing, sales, and service are unified in an effective approach to business continuity, the Company is striving to continuously improve its BCM system, including drills, validation and other efforts, as we work to strengthen our ability to respond to risk.