Risk Management
The Tamura Group is working to maintain and strengthen its risk management systems in order to address a wide range of management crises appropriately.
Risk Management
The Tamura Group engages in risk management with the aim of maximizing corporate value by comprehensively, inclusively, and strategically identifying, assessing, and optimizing various risks that could affect the Company. Toward that end, we have established internal structures for risk management and crisis management regulations, internal reporting regulations, information management regulations, guidelines for constructing Group emergency countermeasures, and other rules, and are building a structure for managing risks. At the same time, in recent years a variety of risks have emerged that have had a significant impact on society and the economy. The Tamura Group has deemed its conventional mechanisms, focused on risk and crisis management led by individual departments, to be insufficient. In the fiscal year ended March 2024, we conducted reviews of our systems and developed a Group risk management system as enterprise risk management (ERM) for assessing and managing company-wide risks
Risk management
When introducing group risk management, we also reviewed our governance structure. The Executive Officer Committee took the lead in clarifying roles in promoting risk management, including positioning the Board of Directors as a supervisory body and determining risk response policy for executive divisions. We also established Management Committee to support the Executive Officer Committee and advance its management activities. The Risk Management Committee consists of Executive Officer Committee members. The risk management processes of the Tamura Group are as follows.
| Step | Responsibility | Description |
|---|---|---|
| Risk assessment (once a year) | Risk Management Committee | The committee dentifies the potential risks surrounding the Tamura Group and evaluates them the three perspectives of probability of occurrence, degree of impact, and level of current response. It further identifies risks that should be prioritized and risks that require cross-departmental response as critical risks. It also determines risks'owners and formulates countermeasure proposals. |
| Consideration of proposed critical risks and countermeasure proposals | Executive Officer Committee | the proposed critical risks and countermeasure proposals identified by the Risk Management Committee sre deliberate and submitted to the Board of Directors. |
| Approval | Board of Directors | The board approves critical risks and their countermeasures. |
| Implementation of countermeasures | Executive Officer Committee Executive divisions |
Executive divisions undertake execution of countermeasures under instruction by the Executive Officer Committee. |
| Progress confirmation (twice a year) | Risk Management Committee | The committee checks the progress of countermeasures by executive divisions and reports to the Executive Officer Committee. |
| Confirmation of progress and corrections | Executive Officer Committee | The committee checks the progress of countermeasures by executive divisions and issues instructions on corrective measures as necessary. It reports results to the Board of Directors. |
| Confirmation of progress | Board of Directors | The board supervises the progress of risk management. |
We conduct detailed risk assessments once every three years and simplified assessments in the remaining two years, with participation by persons responsible for business divisions and Head Office divisions. Assessments consist of quantitative and qualitative evaluations of nearly 100 items on the two axes of degree of impact and probability of occurrence. We map assessment results (see diagram at right) and identify critical risks. For identified risks, we determine the risks' owners and operate the PDCA cycle following the above process
Crisis management
The Tamura Group has established a system called alarm escalation that, as an adjunct to regular reporting lines, enables immediate communication of information to management and to the Board of Directors when a crisis that could affect management has occurred or the potential for such a crisis has come to light. In the event of an emergency that poses a serious risk to business continuity, we will establish a crisis management task force headed by the President to respond to the crisis through a Company-wide system.
Response to Security Export Controls
In order to prevent weapons as well as products and technologies that can be diverted to military uses from passing into the hands of countries, terrorists, and others who threaten or may threaten the international community, major countries, including Japan, have created international frameworks to control exports.
From the viewpoint of security, the Japanese government is working to ensure appropriate trade control in accordance with the Foreign Exchange and Foreign Trade Act. The Tamura Group has formulated security export control regulations in response to this and submitted them to the Ministry of Economy, Trade and Industry. Since then, we have organized a security export control system within the company, and have taken strict measures by thoroughly informing employees through transaction screening and in-house education. In light of recent geopolitical changes, we have also reviewed our efforts to become more global and systematic.
Business Continuity Plan (BCP)
In the wake of the Great East Japan Earthquake, we recognized the importance of business continuity planning, and in FY2011 we published the Tamura Group Large-Scale Earthquake Countermeasure Manual for all domestic and overseas offices. This is a compilation of responses from initial response immediately after a large-scale earthquake to recovery and business resumption.
In FY2012, the Tamura Group Emergency Preparedness Manual was expanded to include wind and flood damage, fire, large-scale power outage, mass infection, radioactive contamination, and war/revolution/civil unrest/riots as disasters other than large-scale earthquakes.
In FY2021, we transitioned to the "Tamura Group Emergency Preparedness Construction Guidelines," and in FY2022, we began operating a checklist and are working on continuous improvements.
Maintenance and storage of emergency supplies
Maintenance and storage of emergency supplies have been under way on establishment basis. In FY2012, within Japan, storage of drinking water and food supplies, enough to last 3 days for employees who cannot return home on foot, has already been completed. In addition, protective helmets for evacuation have been distributed to not only Tamura Group's employees but also all the staff of subcontractors working at the Group's establishments. Further, based on lessons learned from the Great East Japan Earthquake where means of communication were destroyed in the aftermath of the earthquake, alternative means of communication have been introduced.
Following the preparation of stockpiles of generators in case of a power failure, rescue devices, portable toilets, and blankets in FY2013, disaster stockpile sets were distributed to all employees along with introduction of carts to some offices/factories in FY2014. In FY2015, a cell phone recharger and other related devices were distributed to all employees to complement the disaster stockpile sets. Accordingly, stockpiling has been accomplished. Starting in FY2016, emergency supplies have been maintained regularly by improving stockpiles and donating foodstuffs close to the best-before dates to food banks, etc.
Information Management
Information Security Policy
Tamura Group recognizes that ensuring information security, including protecting information assets from various threats such as unauthorized access and cyber-attacks, in providing our products and services to our customers, is one of the most critical management issues. This recognition is important to realize our mission:
"We will swiftly provide unique products and services highly valued in the global electronics market to foster the happiness of all people supporting the growth of Tamura Group."
Based on this recognition, we have established the following basic policy on information security and will undertake the following measures:
- 1Establishment of Information Security Management System
We will establish an information security management system based on this basic policy.
- 2Education and Training
We will ensure the dissemination of this basic policy through education and training for all executives and employees.
- 3Continuous Improvement
We will build an information security management system that responds to changes in the social environment and work on continuous improvement of the system.
Specific Measures
- 1Risk Assessment
Tamura Group will analyze and evaluate the risks of its information assets based on a systematic approach to risk assessment. Through these efforts, we will clarify the "Tamura Group common management standards" and establish, maintain, and operate optimal management standards tailored to the characteristics of the information assets handled and the business content of Tamura Group.
- 2Risk Management
Tamura Group will foster and further develop a culture to address information security management. We will flexibly respond to changes in the business environment and establish a comprehensive and continuous framework for information security management to conduct appropriate risk management.
- 3Compliance with Laws and Regulations
Tamura Group will fulfill its social responsibility by appropriately managing information security in its business activities in response to obligations under relevant laws and regulations and requirements from stakeholders.
- 4Information Security in Business Activities
- Technical Safety Management Measures
Security measures for networks to prepare for cyber-attacks and information leaks, for appropriate access control to data, and restrictions on the use of external storage devices. - Physical Safety Management Measures
Introduction of ID card authentication systems to prevent unauthorized entry. - Education on Appropriate Information Handling
Implementation of education for employees on appropriate information handling.
Additionally, regarding specific personal information, Tamura Group will comply with the " Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures " and establish organizations and systems to ensure the implementation of safety management measures at each stage of acquisition, storage, use, provision, disclosure, correction, suspension of use, disposal, and deletion of specific personal information. We will also conduct education for those responsible for handling specific personal information to ensure thorough protection.
- Technical Safety Management Measures
Information Disclosure
Appropriate, Timely Information Disclosure
Based on its Information Disclosure Policy, the Tamura Group is taking measures to provide accurate information in a timely manner to its stakeholders, including via the investor relations section on its website. Financial information including the summary financial statements and results presentation provided at semiannual analyst briefings is available on the website shortly after the financial results are announced. Other IR information such as letters to shareholders is also available here.
Protection of Intellectual Property
In Tamura, the divisions of management, business, and intellectual property jointly carry out activities that ensure the respect for intellectual property right. In the course of business practice, we have been making efforts to appropriately create, protect, and use intellectual properties and to prevent infringing on other parties’ intellectual property right.