Groupwide Risk Management System
Economic and political conditions, such social factors as environmental regulations and safety and security systems, natural disasters, and technological innovation in countries around the world have the potential to affect the NYK Group’s operations and financial results. Based on its risk management policy and risk management regulations, the NYK Group comprehensively aggregates and controls business risk from a Groupwide perspective and has established a system for responding appropriately to risk.
Enterprise Risk Management (ERM)
Risk MapAs part of our analysis of Groupwide risk, we periodically identify and evaluate risk. Executives, including outside directors, select significant risks at a meeting held for this purpose once a year. At the significant risk selection board meeting, executives check the progress of management in relation to the significant risks of the current fiscal year and select the significant risks of the coming fiscal year.
Further, the members of the board meeting conduct an interim follow-up review of the progress of management in relation to significant risks.
Further, we prepare a risk map that categorises risks collected from the entire Company, based on the effect on business management and frequency, and we manage risk accordingly. In addition, risks that can significantly affect the Companywide business management include operation risk, including major accidents involving vessels or aircraft; country risk; natural disasters and other external factor risk; and compliance risk, such as antitrust law violations.
Information Security Measures
An important facet of the NYK Group’s growth strategy is the use of IT to enhance competitiveness. With this in mind, we emphasise managing information security appropriately to control Groupwide risk. As part of these efforts, the IT Strategy Committee and the annual IT Budget Meeting hold deliberations on the NYK Group’s information security. In light of the findings of these deliberations, the Information Security Management Committee, which convenes every March, examines the information security of NYK and the NYK Group and decides security measures for the coming fiscal year. Furthermore, the Information Planning and Legal & Fair Trade Promotion groups serve a joint secretariat for this committee.
The Global Infrastructure Planning Department of NYK Business Systems Co. Ltd. and the Information Planning Group prepare, implement, and manage information security policy. We also strengthen information security by having outside experts conduct IT audits.
If an IT problem arises, employees in frontline operations promptly report to senior managers the details of the problem; the extent of the impact on customers, regions, or divisions; and the estimated restoration time. Further, the chief information officer reports IT problems at the executive committee meeting, which is held weekly.
Also, the implementation of security measures for digital information has become an important task. Aiming to establish multilayered defences against external attacks and prevent internal information leaks, the NYK Group is strengthening network security, encrypting data, implementing spyware countermeasures, conducting security education for users and technical personnel, and monitoring information leaks.
NYK has prepared business continuity plans (BCPs) for all the major operations in NYK Headquarters, so if disasters, accidents, or other events disrupt operations, the Group will be able to maintain its important functions uninterrupted wherever possible, or to quickly restore them if interrupted.
Responding to the Great East Japan Earthquake in 2011, NYK revised BCPs based on the third edition of the Business Continuity Guidelines that the Cabinet Office issued in August 2013 and a final report that a working group of the Cabinet Office’s Central Disaster Prevention Council issued in December 2013 on countermeasures for, and envisaged damage resulting from, an earthquake directly below Tokyo.
NYK has established BCPs that include preparations for working from home, transferring to a more earthquake resistant data centre, and converting to emergency generators usable for three consecutive days at offices. Moreover, we regularly conduct training to ensure BCPs are practical.
Also, in September 2015 NYK strengthened its communications infrastructure by introducing an IT platform that uses cloud computing to enable the sharing of information globally. We are currently introducing this platform to Group companies.