Risk Management System
Economic and political conditions, such social factors as environmental regulations and safety and security systems, natural disasters, and technological innovation in countries around the world have the potential to affect the Group's operations and financial results. Based on its risk management policy and risk management regulations, the Group comprehensively aggregates and controls business risk from a Groupwide perspective and has established a system for responding appropriately to risk.
Enterprise risk management (ERM)
Departments are in charge of risk management for business risks. Management departments and internal committees for each risk category monitor the status of risk management across the organization to perform a risk evaluation for the entire company. An inspection of the Internal Audit Chamber is also performed in order to manage risks more appropriately.
Meetings of the Risk Management Committee are held twice a year to enable chief executives of each department to report on the status of managing critical risks that can affect our company management to all corporate officers including outside directors and evaluate the status of management. The committee also investigates improvement related to company-wide risk management methods and new countermeasures. In fiscal 2017, we implemented a new approach for the top-down addition of company-wide risks to the Group business environment in addition to the risks identified by each department.
Important risks that can significantly affect company-wide business management include operational risks such as major accidents involving vessels or aircraft; country risk; natural disasters and other external factors; and compliance risk such as antitrust law violations.
Information Security Measures
An important facet of the Group's growth strategy is the use of IT to enhance competitiveness. With this in mind, we emphasize managing information security appropriately to control Groupwide risk. As part of these efforts, the IT Strategy Committee and the annual IT Budget Meeting hold deliberations on the Group's information security. In light of the findings of these deliberations, the Information Security Management Committee, which convenes every March, examines the information security of NYK and the Group and decides security measures for the coming fiscal year. Furthermore, the Information Planning and Legal & Fair Trade Promotion Groups serve a joint secretariat for this committee.
The Global Infrastructure Planning Department of NYK Business Systems Co. Ltd. and the Information Planning Group prepare, implement, and manage information security policy. We also strengthen information security by having outside experts conduct IT audits.
If an IT problem arises, employees in frontline operations promptly report to senior managers the details of the problem; the extent of the impact on customers, regions, or divisions; and the estimated restoration time. Further, the chief information officer reports IT problems at the executive committee meeting, which is held weekly. Also, the implementation of security measures for digital information has become an important task. Aiming to establish multilayered defenses against external attacks and prevent internal information leaks, the Group is strengthening network security, encrypting data, implementing spyware countermeasures, conducting security education for users and technical personnel, and monitoring information leaks.
NYK has expressed its support for the Task Force on Climate-related Financial Disclosures (TCFD) recommendations.
Based on the recommendations, we are in the process of preparing for disclosures on the topics of governance, strategy, risk management, and metrics and targets.
A wide variety of economic, political, and social factors in countries throughout the world have the potential to impact negatively the NYK Group’s mainstay shipping and integrated logistics operations as well as the Group’s cruise and other businesses. Please click on the link below.
NYK has prepared business continuity plans (BCPs) for all the major operations in NYK headquarters, so if disasters, accidents, or other events disrupt operations, the Group will be able to maintain its important functions uninterrupted wherever possible, or to quickly restore them if interrupted.
In 2016, NYK included preparations for working from home in its revised BCPs, transferred to a more earthquake resistant data center, and introduced an IT platform that uses cloud computing to enable the sharing of information globally. We have also established an IT tool for information sharing in the event of a natural disaster and conducted a disaster drill using the IT tool.