JSR Group believes that preventing major crises from occurring and minimizing their impacts on business activities is a key part of management. In response to these issues, the Group has formulated Risk Management Policies and established a Risk Management Committee through which it actively pursues risk management activities.

• Basic Views and Policies Related to JSR’s Corporate Governance

JSR Group has established a Risk Management Committee under the Sustainability Promotion Committee. We have put into place a system whereby the Risk Management Committee comprehensively manages important risks that have materialized or could potentially materialize within the Group.

The Risk Management Committee advances the Group's risk management by taking the lead in identifying important risks and supporting the formulation of policies for responding to such risks and the planning and execution of risk management plans by related committees or departments in charge.
For important risks that were identified, the progress of countermeasures is reported to the Sustainability Promotion Committee and the Board of Directors.

We manage risks related to the individual capital investments of each business, strategic investments such as M&A, and business plans through deliberations and decisions made by the Board of Directors and other committees. Please click on the following link for the roles of each committee and other details.

• JSR’s Corporate Governance Report (PDF 893KB)

For risks related to business operations, we engage in risk management centered on the Risk Management Committee in accordance with Risk Management Policies.

The risk management system forms part of the Group’s internal control system. The status of the internal control system’s execution is reported regularly to the Board of Directors. JSR’s Corporate Audit Department continuously verifies and evaluates the preservation and operation of internal control for the entire JSR Group as required by the Companies Act and Financial Instruments and Exchange Act. It also ensures that risk in existing business does not exceed permissible levels. Furthermore, the department additionally strives to maintain and strengthen internal control levels for the entire Group and conducts internal audits to ensure the appropriate and efficient execution of operations.

Under the initiative of the Risk Management Committee, each division of JSR Group companies in and outside of Japan identifies risks on a regular basis. In addition, management holistically understands risks related to management strategy and the foundation of business continuity.

Utilizing a risk map that represents level of business impact and frequency of occurrence, we identify risks that could have a significant impact on business continuity and organize them into JSR Group Risk Factors. We build and maintain a system for prevention of latent risks and crisis preparedness by having senior management monitor and regularly review important risks.

Click on the following link for information on the risks that could impact on JSR Group's business performance, financial standing, cash flow, etc.

• JSR Group Business and Other Risks (PDF: 343KB)

JSR has formulated BCM procedures that summarize the BCM/BCP^* systems in place for both peacetime and emergency situations. In addition to defining the BCM organization and the actual BCP, which includes stipulations on target recovery times, and BCP activation and cancellation standards, these procedures also set out the organizational structure that takes effect during activations of the BCP, and corresponding priority businesses and operations.

Moreover, we maintain a stable supply of funds on hand to allow us to manage our businesses flexibly if a major risk arises. We also acquire issuer ratings and commercial paper ratings from rating agencies each year. JSR's ratings are available on rating agencies' websites as well as the JSR website.

* BCM: Business Continuity Management/BCP: Business Continuity Plan
A BCP defines activities to be conducted in anticipation of emergencies that could threaten a company’s survival (such as a large-scale natural disaster, explosion/fire, or terrorist attack), judgment criteria and action guidelines that enable business continuity in the event of such emergencies, and other matters necessary for ensuring the continuity and early restoration of important businesses. BCM is a management system that operates and continuously improves the BCP through the PDCA (plan-do-check-act) cycle.

Once a year since 2004, JSR holds crisis management training with the participation of “headquarters for accident and crisis control” members.
In FY2022, we conducted crisis management drills based on the scenario that a Tonankai Earthquake (a large-scale earthquake with an epicenter in the Nankai Trough off the coast of the Enshu Sea and Kumano Sea) occurred and the Yokkaichi Plant, our main plant, suffered damages.

Approximately 50 people, including the President who leads the head office’s headquarters for accident and crisis control, participated in the drill and confirmed the actions that the head office should take, such as gathering information and determining response policies, in response to fires, injuries, and other possible events on the day of a disaster.

By conducting drills that anticipate a variety of potential disasters, we will continue to make the preparations needed to ensure safety, control damage, maintain business continuity.

JSR Group conducts disaster management, evacuation, and notification training and drills on a regular basis. FY2022 was no exception. While implementing measures to combat COVID-19 infections, we held drills that simulate disasters at each of our business bases. We will continue working to minimize the impacts of emergencies and improve our ability to ensure business continuity.

In FY2009, JSR introduced a safety verification system that uses employees’ mobile phones and smartphones. The system can promptly ascertain the safety of employees in the event of a large-scale earthquake or other disasters. In FY2011, we began expanding the system's coverage to include domestic Group companies and the families of JSR employees.

Training using this system is conducted regularly, and JSR is prepared for large-scale and wide-area disasters.

We stockpile masks in preparation for an epidemic of influenza or another infectious disease. In addition, before the influenza season, we invite doctors and nurses to JSR's head office and Yokkaichi Plant to provide influenza vaccinations to employees who request one.

Following the spread of the COVID-19 pandemic since FY2020, we continue to maintain our Code of Conduct, enforce the wearing of masks and other protective equipment, implement regulations on outside visitors, share information with our employees around the world, and carry out such measures at each base as working from home in order to sustain the Group’s main manufacturing, research and development bases in Japan, Asia and Europe and the United States.
Although the COVID-19 pandemic is gradually easing, we will continue striving to maintain the operation of each of the Group's business sites in light of the situation in each country and region.

Click on the following link for information on our responses to legal risks and compliance risks.

• Compliance

JSR Group endeavors to manage information in an appropriate and secure manner by establishing Information Security Policy and by thoroughly disseminating the policy to its employees.

Having established an Information Security Policy, JSR Group is working on the appropriate management of information by making this policy known to all employees. In August 2019, we established the Cybersecurity Management Office as the department in charge. We are working alongside outside experts on information security management including Group companies, employee training and education, and strengthening our response capabilities to cyberattacks or other incidents.

In FY2014, we published the Information Security Handbook so as to further increase employee sensitivity toward information leakage risks and to ensure their actions are in compliance with company rules at all times. We make employees aware of this handbook through our company intranet, e-learning, and workplace discussions.
In FY2022, using a ransomware attack as a scenario, we conducted a cyberattack response drill targeting members of HQ emergency response team, including the President.