Risk Management
Our Risk Management Policy
Risk management is an indispensable part of corporate management. Nagase Viita is committed to avoiding crises and minimizing losses by accurately identifying and reasonably controlling all internal and external risks related to our business operations and their impact. We focus on taking measures to promptly respond to emerging risks and taking measures to mitigate latent risks, giving priority to those that may have a significant impact. In addition, we have begun proactive efforts to respond to crisis situations related to business activities, and have created a flow chart that defines initial responses to specific anticipated events, which has been disclosed internally. In the future, we will conduct multifaceted risk response activities, such as planning periodic response drills to enhance the effectiveness of our risk response.
Risk Management System
Nagase Viita has established the Risk Management & Compliance Committee, as a subordinate organization of the Board of Directors, to establish, disseminate, and solidify the Company's risk management system and compliance system based on the Basic Compliance Policy and Code of Conduct. The Committee's secretariat also handles practical matters related to risk management and compliance.
Furthermore, as an internal reporting system, we have established a Compliance Consultation and Reporting Contact Point, both internally and externally, to comply with the revised Whistleblower Protection Act.
Business Crisis Management
We have established the system to prepare for a business crisis that could disrupt business continuity based on the Crisis Management Guidelines common to the NAGASE Group. We have created a system that allows us to swiftly and appropriately implement everything from an initial on-site reaction to a Group-wide organizational response.
Crisis Management Guidelines
The Crisis Management Guidelines stipulate necessary matters concerning crisis management in the NAGASE Group, including preparations for responding to management crises and actions to be taken in the event of a management crisis, with the aim of stabilizing the NAGASE Group's business operating base and minimizing stakeholder losses.
Crisis Prevention and Business Continuity Planning (BCP)
We have enacted measures for crisis prevention to protect human life and assets, as well as business continuity plans (BCPs) to ensure steady operations. We have developed an organizational and contact system, as well as procedures to follow in case of crisis, including the Emergency Disaster Manual for measures against disasters such as earthquakes, and the Guidelines to Prevent Infectious Disease, such as new influenza strains, to minimize damage in emergencies such as natural disasters, human-made disasters, accidents and infectious disease outbreaks. We have also established a system to quickly assess the status of our employees through the NAGASE Group safety confirmation system.
Our business continuity plans (BCPs) have been established as a guideline for the early recovery of our corporate activities should a crisis occur, and to swiftly respond in the event of a crisis, we regularly conduct evacuation report drills, safety confirmation drills and BCP graphic drills.
Confidentiality Control and Information Security
Regarding the control of confidentiality, we have established the rules for controlling corporate confidentiality to prevent the unintentional release of proprietary technology and business information related to research, production, sales and other operations, and we are committed to educating and familiarizing our staff through training workshops. The handling of business secrets belonging to the Company and the handling of business secrets and intellectual property rights of third parties are clearly described in the Compliance Code of Conduct and these are thoroughly circulated.
In addition, the NAGASE Group has established the Information Security Basic Policy and the Information Security Countermeasure Guidelines that comprehensively describe information security, as well as planning, implementing, and evaluating information security measures. Nagase Viita follows the basic policy and guidelines of the NAGASE Group and has developed regulations and procedures to properly implement and evaluate the policy and guidelines. These include procedures and manuals for information security measures and countermeasures to enhance a security mindset among all employees.
The NAGASE Group has also established a Cyber Security Incident Response Team (CSIRT) as an executive organization to prevent information security incidents, to quickly detect and resolve them, and to minimize damage. Nagase Viita aims to promptly report incidents to the NAGASE CSIRT when they occur, and to work together to resolve them.