Basic Policy on Risk Management
FY 2019 Vision
All EBARA Group employees, including employees at overseas Group companies, share the Ebara Way and the Code of Conduct as a common identity and set of values. In addition, each group company will have systems to foresee and prevent risks based on the group-wide Risk Management Guidelines.
In order to mitigate all risks that could hinder the sound and continuous development of the EBARA Group, we plan to make a shift from existing activities that focus on individual identified risks to risk management that places priority on foreseeing and preventing risks. We believe that achieving this will require each employee to practice the Ebara Way, a key concept of the EBARA Group’s business ethics framework that we view as a high priority measure, and to use it as a foundation for effective business operations.
Risk Management System
As of 2015/4
The Risk Management Panel (RMP) oversees risk management activities throughout the EBARA Group, engages in comprehensive consultations, and provides relevant instructions while supporting improvements.
The Business Continuity Management Committee (BCMC) and Company Risk Management Committees are set under the RMP. The BCMC’s objective is to ensure the continuation of business during large-scale disasters; all executive offers are members of the committee and it is chaired by the President, Representative Executive Officer.
The Company Risk Management Committees respond to individual sales projects, contract risks, and investment and financing loss risks at Group Companies. In addition, the Committees also implement risk management activities (including those decided by the RMP). Members are appointed by the company president
Business Continuity Management
The EBARA Group’s products, technologies, and services are used in every corner of our society, industry, and daily life, including water supply and sewage systems, flood-control drain pumps, waste incinerators, power plants, steel, chemical, semiconductor, and other types of plants, hospitals, commercial buildings, and condominiums. It is the mission of the EBARA Group to provide products and services to help continue or quickly recover these functions when a massive disaster strikes.
In the event of a disaster of a scale that may disrupt business, the local headquarters set at each location takes the initiative by conducting evacuations, rescues, putting out fires and any other conduct necessary to secure the safety of our employees and prevent further damage to facilities. After the initial response, the business continuity and recovery activities begin, with the intent to mitigate damage to ongoing projects and facilitate the rapid recovery of important business. The headquarters for company business continuity measures monitors’ company-wide progress, disseminates information and makes company-wide instructions.
We protect our information systems while managing data in an appropriate fashion and never use information in unethical ways. Furthermore we take extensive measures to protect personal information of employees, customers and suppliers alike.
Information Security Policy
The following five principles are part of the EBARA Group’s information security policy and must be followed by all executive officers and employees of the EBARA Group:
|1||.||Fully understand impact of information leakage and recognize the necessity of protection from such leakage.|
|2||.||Do not take out important information outside the Company. In the case of the necessity for business, get a necessary
|3||.||Take suitable measures to prepare for the events, such as an accident or carelessness.|
|4||.||Control and maintain information so that you can identify and restrict when information leakage has occurred.|
|5||.||When information leakage occurs, immediately inform the departments of the Company in charge and receive necessary
Information Security System
EBARA Corporation has established a company-wide information security system.
Approach to Information Security:
1.Management regulations, education, etc.
We at EBARA Corporation have established Information Security company regulations and operate in accordance with these regulations. In addition, we regularly create various manuals, educational materials as well as a yearly e-learning module to educate employees about information security.
We take measures to protect our data and other system infrastructure from earthquakes, power failure and other disaster scenarios. We also protect our infrastructure and other data including documents and storage media through proper security measures such as theft prevention measures and proper disposal methods at various business locations to prevent data leakage.
3.Operational Management of Information Systems and Communication Networks
We strive to ensure our systems and software are always on the cutting edge in order to minimize risks associated with older systems. We also monitor and protect a variety of devices in order to catch security threats early. In addition, we use encryption technology and passwords, etc. to protect sensitive information and minimize information security incidents.
4.Access Management, Development and Maintenance of Security Measures
We ensure the proper management of passwords, IDs, approval authority, access to privileged information and systems based on our IT General Control Rules. In addition, we strive for the standardization and systematization of system development, construction, and maintenance.
5.Response to Incidents and Emergencies
We are constantly evaluating and working to improve our incident management, duplication of important equipment and networks, back-ups as well as our communication, reporting and established recording processes based on our Management System.