Developing, Strengthening and Promoting the Risk Management System
Risk Management
Risk Management Basic Policies
Within the framework of the Sumitomo Wiring Systems Group Basic Principles, the Risk Management Basic Policies clearly stipulate corporate policies that require us to give priority to human life; to strive to improve quality, secure safety and ensure a stable supply of products; and to maintain good relationships with stakeholders, including customers and local communities.
We have identified five major areas (Promotion System Management; Risk Communication; Preventive Risk Management; Crisis Management; Overseas Safety Measures) where we will make comprehensive efforts under our corporate risk management system.
Risk Management System
To promote risk management, Sumitomo Wiring Systems has established a "Risk Management Committee" with the Risk Management Office as its secretariat, and a "Risk Management Promotion Committee" under it.
Risk managers are appointed in each department and domestic manufacturing group companies, and risk management personnel are appointed in each department as the driving force.
From fiscal 2023, SEI Compliance & Risk Management Office, Automotive Business Unit will be added as the secretariat to promote risk management across the entire business. In addition, the Domestic Disaster Countermeasures Subcommittee and the Global Supply Chain Countermeasures Subcommittee have been established under the Risk Management Promotion Committee to strengthen natural disaster countermeasures and global supply chain countermeasures.
In fiscal 2023, with the cooperation of risk managers as in the previous year, we carried out an inventory of risks at each division of our company, 8 domestic group companies, and 97 overseas group companies.
In addition, we have compiled risk information and deployed countermeasures against major risks to Group companies in Japan and overseas.As a result, in addition to risk management activities during normal times,
we are building a system that can cooperate and respond in the event of a crisis.
Analysis and Countermeasures for Global Risks
Sumitomo Wiring Systems operates businesses in more than 30 countries and regions around the world, which exposes the company to natural disasters such as earthquakes and typhoons, political risks such as social instability, labor risks such as compliance violations and other types of risks that require our careful consideration of several scenarios and countermeasures on a global level. To address such a wide range of risks, we have formulated and implemented the Risk Management Guidelines, which can be applied throughout the company, including our overseas Group companies.
In accordance with the guidelines, we continue to identify the risks that overseas subsidiaries face, assess the risks of each country and region, and develop and implement risk countermeasures. In addition to the prompt sharing of information on apparent risks and implementation of countermeasures, we strive to prevent risks by regularly deploying risk-related information to relevant personnel.
In our wiring harness business, which is our main business, we endeavor to ensure continuity of production and supply even in times of crisis. For example, if production is suspended at some of our overseas plants, the production control center in Japan directs the disrupted production to be carried out at other locations. Moreover, we are strengthening our ability to continue operations should a risk materialize by creating a database of locations and other necessary information on parts production plants for our major suppliers and by establishing a system for promptly confirming employee safety and the impact of the risk on parts supply.
Initiatives in Fiscal 2023
As a member of the Sumitomo Electric Industries Group, we worked together with the relevant departments and continue to provide guidance to overseas Group companies from the perspective of strengthening risk management across the entire harness business.
Strengthen BCP*1
To continue important operations even in the event of a crisis, such as a large-scale natural disaster, and to ensure rapid recovery, we formulated our BCP and review it periodically. In particular, as a countermeasure to the Nankai Trough Earthquake, we are developing various measures, including evacuation and disaster prevention drills based on the premise of its occurrence and the preparation of a tsunami evacuation manual and disseminating it to employees.
From fiscal 2022, we have also started BCP training assuming cyber attacks. In addition, the Sumitomo Wiring Systems Group conducts repeated drills to confirm the safety of employees, which is the first priority in a large-scale natural disaster, so that all employees can confirm within two hours. In order to continue to strengthen our global business continuity system in FY2023, we reviewed the BCP at eight domestic group companies and 97 overseas Group companies and worked to strengthen supply chain management. In this way, we are building a system that enables global business continuity even in the event of a crisis.
Information Security Measures
We believe it is important to protect and manage our information assets properly. Based on our Basic Policy of Information Security we have established our Information Security Measures Standards that include the organizational structure and management methods necessary to ensure information security.
In the event of an incident, we have put in place a system that enables us to promptly identify information security-related incidents and promptly implement investigations, analyses, and countermeasures, led by the CSIRT*2 that responds to incidents rapidly. Since fiscal 2019, we have been digitizing information security training materials and introduced an e-learning system. Also, in light of the frequency of cyber-attacks in recent years, we regularly conduct targeted email training. We are continuing to take measures for facilities in factories that require ICT and measures to meet the information security standards required by our customers.
Glossary
*1 An action plan formulated in anticipation of an unforeseen event such as a disaster or accident and intended to minimize impact on important operations so that business can be quickly recovered and resumed if interrupted.
*2 Computer Security Incident Response Team