To avert business continuity crises and prepare for unforeseen circumstances, the Sanyo Chemical Group has established internal regulations to cope with each possible risk. We conduct risk management by raising the risk awareness of employees by providing training and holding drills.
Risk management system
In order to address risks surrounding the Group, internal regulations such as the Operational Responsibilities Regulations, the Basic Regulations for Product Liability (PL), and the Information System Security Regulations have been formulated, and the departments in charge shall manage the risks. The Auditing Division (Business Auditing Department or Technical Auditing Department) under the direct control of the President monitors the status of risk management with the Group. If a risk is identified, the Auditing Division gives instructions to formulate correction and recurrence prevention measures, checks the details, and follows up on the status of implementation by the relevant departments. Regarding important compliance risks, the Compliance Committee discusses and determines the basic policies and measures.
Risk-based audit
In collaboration with the Internal Control Dept., the Business and Technical Auditing Departments conduct internal audit across the organization by preparing a risk-based audit map for performing business and operations and by setting audit themes for each fiscal year with priorities taken into account.
Business continuity plan (BCP)
The Group draws up and operates BCPs that prepare for response in the event of a massive earthquake or a pandemic. The Internal Control Department of the BCP Secretariat takes the initiative in conducting a review every year to make the BCP further effective. We also continuously hold practical drills in each region.
Information management
Information assets are crucially important for companies. Leakage of information assets is likely to pose the risk of damaging corporate value. Recognizing the importance of confidential information, we have the Security Management Regulations in place to prevent information leakage, ensure proper use, and prevent unauthorized acquisition, use, and disclosure of confidential information of third parties. We ensure security by establishing the Information System Security Regulations and the Personal Computer and Network Management Regulations, introducing a firewall and other network security systems, managing licenses for the use of information systems, and limiting access to the Internet. To raise the security awareness of employees and prevent information security accidents, we offer information security education every year.
Personal information protection
As for the protection of personal information, we have laid down the Personal Information Protection Policy, which stipulates the purpose and methods of use of personal information and its management, as well as consultation procedures regarding such information. The policy was revised in line with the amended Act on the Protection of Personal Information, which came into effect in April 2022. We have the Personal Information Protection Management Regulations in place to realize appropriate protection under this policy. Regarding the Individual Number (My Number) system, rules are established in the Specific Personal Information Handling Regulations. An IT system capable of ensuring security is used for operation. We also comply with the Social Media Policy, which was formulated regarding the operation of official social media accounts and the use of social media by respective employees.
Overseas crisis management activities
The Sanyo Chemical Group has established and implemented the Basic Regulations for Overseas Crisis Management, which set forth basic points for reducing risks that may cause harm to the lives, bodies, and property of the Group employees outside Japan, and for responding to an overseas crisis if such an event should occur. The regulations specify the crisis management organizations and the chain of command that will function in the case of emergency and define the responsibilities and authority of the Overseas Crisis Management Secretariat and the response headquarters, so that appropriate responses can be made accordingly. The Overseas Crisis Management Secretariat is established within the Personnel Division to constantly gather and analyze information and issue overseas travel warnings as necessary. When a BCP is implemented, the overseas crisis management organizations will work in coordination with the Business Continuity Task Force.
Internal control
We, the Sanyo Chemical Group, declared in our Code of Corporate Ethics that it is essential corporate behavior to ensure legal compliance and to fulfill corporate social responsibility, which has been implemented to take the lead in the realization of a sustainable society. With good sense and integrity, we are committed to improving our society and are following our company mission, “Establish a better society through our corporate activities."
Structure
*Horizontally scrollable
Internal control bodies and their roles
Internal Control Committee
The Internal Control Committee is in place under the direct control of the Board of Directors. The Internal Control Committee determines the basic policy on the overall internal control system, and provides instructions and supervision for the development, operation, evaluation, and improvement activities for the system.
Internal Control Dept.
The Internal Control Dept. gives advice on planning measures to cope with and avoid various risks related to business operations. The Internal Control Dept. is also responsible for building, evaluating, improving, and reporting on the three internal control systems.
- Internal control related to the Companies Act
- Internal control related to financial reports (in accordance with the Financial Instruments and Exchange Act)
- Internal control related to risks other than financial reports
Regarding internal control related to the Companies Act, the basic policy on the internal control system was resolved by the Board of Directors and publicized in 2006 in accordance with the Companies Act and the Regulations for Enforcement of the Companies Act. It is reviewed as appropriate.
Regarding internal control related to financial reports, operational processing control and overall IT control, from company-wide internal control and sales to the financial reporting process, are evaluated. The results are compiled as the internal control report and are reported to the Internal Control Committee. The internal control audit report prepared by the accounting auditor is attached and submitted to the Kanto Finance Bureau.
Regarding internal control related to risks other than financial reports, a set of documents, including procedures for risk reduction measures against expected risks and self-check sheets, are prepared and posted on the intranet so that employees can read them at any time.