Nitto Group Report 2017

30/44

29Nitto Group Report 2017Risk ManagementBusiness Continuity ManagementIn accordance with its four basic policies, the Nitto Group promotes Business Continuity Management (BCM) with a strong link between disaster mitigation (for minimizing damage caused by disasters) and quick recovery. In FY2016, we reinforced our capability to respond to emergencies, which covers our supply chains as well.One initiative in this regard involves sending questionnaires on Business Continuity Plan (BCP) to our suppliers as a part of our efforts to ensure stable procurement of raw materials. Based on the survey responses, we conduct follow-ups and offer solutions to further reinforce BCM in Japan. Going forward, we will gradually push forward stable procurement outside of Japan in a bid to establish a global procurement system.In an attempt to raise the level of initial response to disruptions in logistics services, we organized drills involving multiple sites and ensured cooperation with external services, in addition to drawing up a code of behavior for the Crisis Management Team and holding a workshop on the code. We are also investigating BCP of warehouses located in Japan to build a framework for early restoration of logistics services. Going forward, we will continue to perform drills through both internal and external collaborations so that we can deliver our products to customers even in times of emergency.Chemical Spill Response DrillsTaiwan Nitto Optical Co., Ltd. has been highly acclaimed by the Taichung City Fire Department for its expertise in fire and other disaster prevention and hazardous material management. On April 27, 2016, the company invited 30 people from the Fire Department for a joint response drill against chemical spills.This event helped them to not only verify their BCP and enhance preparedness, but also set a model for management and handling of chemicals in the Taichung production complex.Risk Identification and CountermeasuresThe Nitto Group distributes questionnaires on business risks to over 2,000 management-level employees every year. The purpose of this survey is to determine risks concerning the entire Group and those specic to individual businesses and regions, as well as to enhance the level of each management-level employee’s risk awareness. Rather than merely feeding survey results back to them, we discuss risks that are unique to individual sites and Group companies at CSR workshops for them. Going forward, we will add a program that encourage all management-level employees to draw up their action plans based on the survey results, thereby empowering management at each site and Group company.The survey results are also used for eld-specic risk management, meaning that risks concerning products, for example, are analyzed and dealt with by the Product Risk Management Committee.Reinforcement of Information Security ManagementIn its efforts to achieve “a state of fewer security incidents*1 and no information leaks,” the Nitto Group pursues a variety of programs, such as development of information security systems and employee training.In FY2016, we formed the Nitto-CSIRT (Computer Security Incident Response Team), which monitors the computer security system’s operational status and takes organized approaches to problems. In order to prevent information leaks by targeted e-mail attacks*2, we sent out a sample e-mail to all employees of the Nitto Group without prior notice to see how the recipients would react to it. Unfortunately, some of them opened the attached le. We will continue to conduct similar tests to warn employees against suspicious e-mail.*1Incidents and accidents including data loss, virus infection, and unauthorized access*2A type of cyber attack that attempts to steal information by sending e-mail with an attached file or URL containing a computer virus to members of a target organization