JSR Group believes that preventing a major crisis from occurring and minimizing its impacts on business activities is an important management role. The Group has formulated Risk Management Policies and established a Risk Management Committee through which it actively pursues risk management activities.
2. Risk Management System
JSR Group manages risks by broadly dividing them into actual risks that exist in the company and potential risks.
Risk management is carried out for risks arising in the normal course of business* based on careful discussions and resolutions made in important meetings such as those of the Board of Directors. At the same time, for risks other than those arising in the normal course of business, the Risk Management Committee formulates response policies and promotes risk management in the JSR Group.
* Risks arising in the normal course of business that are addressed in major conferences, such as meetings of the Board of Directors are strategic risks that include those associated with capital investment and M&A.
3. Risk Management Measures
(1) Identifying Risks and Selecting Important Risks
Since FY2009, JSR Group has fulfilled group-wide annual risk management procedures using its unique risk management system under the initiative of the Risk Management Committee. For each division of JSR Group companies in and outside of Japan, we identify and evaluate all potential risks, and formulate measures to control such risks.
Utilizing a risk map that represents level of business impact and frequency of occurrence, we identify risks that could have a significant impact on business continuity and organize them risks into the JSR Group Risk Factors. By monitoring and regularly reviewing risks that senior management has personally ascertained, we are building and maintaining a system for prevention and crisis preparedness.
(2) BCM (Business Continuity Management)
1) Formulation and Operation of BCM Procedures
JSR has formulated BCM procedures that summarize the BCM/BCP* systems in place for both peacetime and emergency situations. These procedures define the BCM organization and the actual BCP, which includes stipulations on target recovery times, and BCP activation and cancellation standards. They also define the organizational structure that takes effect during activations of the BCP, and corresponding priority businesses and operations.
* BCM: Business Continuity Management/BCP: Business Continuity Plan
A BCP defines activities that need be conducted before the occurrence of an emergency situation that may threaten the survival of a company (large-scale natural disaster, explosion/fire, terrorist attack, etc.), judgment criteria and action guidelines that enable business continuity in the event of such emergencies, and other matters necessary for ensuring the continuity and early restoration of important businesses. BCM is a management system that has been developed to operate and continuously improve the BCP through a PDCA (plan-do-check-act) cycle.
2) Major Earthquake Preparations
JSR Group adopted a mid-term business plan in FY1995 concerning preparations for a major earthquake and has been conducting systematic activities to enhance those preparations. After FY2006, we began a seismic retrofitting project focused on high-pressure gas facilities in our plants, and installed an earthquake early-warning system at all JSR business sites. Based on lessons learned from the experience of the Great East Japan Earthquake, we are further reinforcing the anti-seismic capabilities of our buildings and implementing safety measures by incorporating the perspective of countermeasures against tsunamis. These initiatives are scheduled for completion by FY2020.
(3) Enhancement of Initial Response to Emergencies
1) Crisis Management Training
With the objective of strengthening the ability of the headquarters for accident and crisis control in the Head Office (Minato Ward, Tokyo) to respond in a time of crisis, JSR has held crisis management training once a year since 2004, with participation from members from the headquarters for accident and crisis control. The training for FY2018 was based on a scenario in which an earthquake strikes Tokyo (specifically, a major earthquake centered in the northern area of Tokyo Bay), causing damage at not only the Head Office but also plants and offices in the Kanto area, including those of JSR Group companies.
The headquarters for accident and crisis control during the crisis management training
In the past, the training was a simulation of responses on the day of a disaster, with the main focus being on verifying the headquarters' operation and coordination of information, with the President as the head of the headquarters. However, in this year's training, a scenario in which the intrinsic members of the headquarters for accident and crisis control at the Head Office were not present was envisioned, with the objective of raising the overall level of disaster response at the Head Office. Training was conducted by focusing on the people who would serve as acting agents for the absent members as the main subject, and personal and organizational actions that should be taken were confirmed, including spontaneous information-gathering in an ever-changing situation and the establishment of response guidelines.
By conducting drills that anticipate a variety of potential disasters, we will continue to make the preparations needed to ensure safety, control damage and maintain business continuity.
2) Disaster Management Training at each plant and laboratory
JSR Group conducts disaster management and evacuation training and drills on a regular basis. It is imperative that we minimize the impacts of emergencies and ensure business continuity in such situations.
General disaster drill conducted jointly by plants and offices in the Kashima District (JSR, Japan Butyl, and Kraton JSR Elastomers)
3) Safety Confirmation System
In FY2009, JSR introduced a safety confirmation system to promptly confirm the safety of our employees in the event of a large-scale earthquake or other disaster. In FY2011, we expanded the system's coverage to our Group companies and the families of our employees.
Training using this system is conducted regularly, and JSR is prepared for large-scale and wide-area disasters.
4) Infection Preparedness
In the case of an epidemic or the spread of influenza and other infections, we stockpile masks.
We also provide necessary information such as the announcement of flu outbreaks.
To prevent flu infections from spreading in our workplaces and to also make sure that the cases of influenza that do occur stay minor, we invited doctors and nurses to JSR's Head Office and the Yokkaichi, Chiba, and Kashima Plants to administer vaccinations to those who desired one.
5) Responses to Legal Risks and Compliance Risks
(4) Enhancing Information Security
JSR Group adopted an Information Security Policy and is working to implement appropriate information management by informing all personnel of the policy.
Information Security Policy
- The JSR Group, by complying with laws and regulations and by observing other social norms relating to the handling of information, will protect information that belong to the JSR Group, its customers, business partners and other third parties.
- The JSR Group will strive to develop and actively use its information assets for the efficient execution of its business. The Group's officers and employees will only use these information assets for the purposes of their work and within the scope of their authority.
- The JSR Group will improve organizations and systems, provide education on information security, thoroughly disseminate this policy and related regulations, and implement measures to ensure information security.
- The JSR Group will implement appropriate human, organizational, and technological measures and work to prevent unauthorized access to information assets from outside the company, as well as leaks, falsification, loss, theft and destruction of information assets.
- If an information security-related problem occurs, the JSR Group will promptly identify the cause and take measures to minimize damage and prevent recurrences.
- The JSR Group will periodically assess and review its information security measures to respond appropriately to changes in external environments.
Information security handbook
JSR Group is continually working together with external experts to increase our level of security and protect corporate information assets from cyber-attacks. In FY2014, we issued an Information Security handbook to raise employee sensitivity to information leakage risks and help ensure that employees are aware of and follow rules regarding information security. We also conduct targeted attack drills using fake viruses to raise prevention awareness. In addition, we are engaged in raising awareness of the content in the Information Security handbook through e-learning and workplace meetings.