Through its global activities in the ICT industry, the Fujitsu Group continuously seeks to increase its corporate value, and to contribute to its customers, local communities and indeed all stakeholders. Properly assessing and dealing with the risks that threaten the achievement of our objectives, taking steps to prevent the occurrence of these risk events, and establishing measures to minimize the impact of such events if they do occur and to prevent their reoccurrence are assigned a high priority by management. Moreover, we have built a risk management and compliance system for the entire Group and are committed to its continuous implementation and improvement.
The Group identifies, analyzes and evaluates the risks that accompany business activities and works on measures to avoid or reduce them, and to deal with them quickly in the unlikely event that they materialize.
Examples of Business Risks*1
These are just some of the business risks. More detailed risk-related information can be found in our earnings report, securities reports and other published reports.
With the aim of integrating and strengthening its global riskmanagement and compliance structures, the Fujitsu Group hasestablished a Risk Management and Compliance Committee asone of the internal control committees reporting to topmanagement.
The Risk Management & Compliance Committee appoints aChief Risk Compliance Officer for each department and companythroughout the Group, and encourages cooperation amongthem to both guard against potential risks and mitigate risksthat materialize, forming a risk management and compliancestructure for the entire Group.
The Risk Management & Compliance Committee is responsiblefor grasping the status of risk management and compliance inall Fujitsu business groups and Group companies in Japan andoverseas, establishing the appropriate policies and processes,etc., and both implementing and continuously improving them.In practical terms, it decides on risk management regulationsand guidelines, applies them and regularly reviews andimproves them.
The Risk Management & Compliance Committee, which maintainsregular communications with Chief Risk Compliance Officers,identifies, analyzes and evaluates the risks of business activities,confirms the detailed measures intended to deal with major risksby averting, minimizing, transferring or retaining them. It alsoreports important risks to the Management Council.
The Risk Management Committee also prepares responsesagainst the actual materialization of a risk despite theimplementation of various preventive measures. If a critical risksuch as a natural disaster, product breakdown or defect, aproblem with a system or service, a compliance violation, aninformation security breach, or an environmental problemmaterializes, the department or Group company reportsimmediately to the Risk Management & Compliance Committee.The Risk Management & Compliance Committee coordinateswith the related divisions and workplaces for rapid resolution ofthe problem by appropriate measures such as establishing atask force. At the same time, the Risk Management Committeestrives to identify the causes of the problem and propose andimplement solutions. Additionally, for critical risks, thecommittee also reports as appropriate to the ManagementCouncil and the Board of Directors.
The Risk Management & Compliance Committeecontinuously confirms the implementation status of theseprocesses and works to make improvements.
To build a robust disaster-preparedness network and enhance our business continuity response capabilities, the Fujitsu Group has created a Group-wide disaster-preparedness organization, in anticipation of a major disaster. In Japan, we have been carrying out annual nation-wide disaster-response drills in conjunction with Disaster Preparedness Day on September 1st.
FY 2013 marks the 19th year of systematically conducting training for an earthquake occurring in Tokyo or in the Tonankai region. This year we completed training at 80 companies, including Fujitsu Headquarters. Fujitsu has established an interim Central Headquarters in the Kansai region, and is carrying out initial response training in collaboration with each at-risk business site, as part of the efforts to prepare for an earthquake disaster in the Tokyo metropolitan region, where our management functions are concentrated. Sites around Japan also carried out initial response training centered on confirming employee safety and checking for damage to work-related buildings immediately after a disaster.
Disaster-preparedness self checks are autonomously conducted throughout the Group based on inspection criteria established at each site as an activity to minimize personal injury and property damage in the event of a disaster.
Based on the results of these checks for FY 2013, were assessed the organization of our Emergency Disaster Control Center in each region, given that many Group companies with shared facilities showed deficiencies in their ability to contact each other during an evening or holiday emergency. We will be sharing effective training methods as we continue to conduct disaster-preparedness self checks in FY 2014.
We are conducting joint testing throughout the Fujitsu Group, targeting facilities that are critical to Fujitsu business continuity. Led by teams made up of internal departments for environmental management, facility management, and risk management, these checks are ensuring that laws are being upheld, while also conducting joint testing throughout the Fujitsu Group in order to prevent accidents that could arise from aging infrastructure or from fires and other natural disasters.
The teams are also responsible for everything from verifying inspection results, to providing guidance one stablishing measures for making improvements, to checking on the progress of such endeavors. Based on the results of joint testing conducted at 30 facilities from FY 2010 to 2013, we will be sharing good practices and cases of improvements made regarding disaster preparedness with all facilities in the Group.
The risks of unforeseen events that threaten economic andsocial continuity, such as natural disasters like earthquakes andlarge-scale flooding, disruptive incidents, accidents, andpandemics such as the new strain of influenza, have increasedgreatly in recent years.
To ensure that even when such risks occur, we can continueto provide a stable supply of the high-performance, high-qualityproducts and services our customers need, the Fujitsu Group hasestablished a Business Continuity Plan (BCP), and promotesBusiness Continuity Management (BCM) as a way ofcontinuously reviewing and improving that BCP. Through theBCM process, the lessons learned in the course of the Great EastJapan Earthquake and the flooding in Thailand are nowreflected in our BCP.
In order to consistently supply products and services even underunforeseen circumstances, Fujitsu has been continuouslysupporting improvement of BCM with our business partnerssince FY 2007, under the belief that it is essential to strengthenBCM along our entire supply chain. In FY 2013, we conducted asurvey to reassess relevant content, from the BCP formulationphase to the implementation phase, while also holding briefingsessions with our business partners directed towardstrengthening BCM.We also have dedicated ourselves to making supply chainrisks visible. As one example of this, we use the SCRKeeper*2 riskmanagement system to clarify the scope impact risks have onthe supply chain. Our executives also continued to take part intraining sessions.
A supply chain risk management service developed by the Fujitsu Group, the distribution of which began in FY 2013. It enables the evaluation and analysis of business partners' business continuity capability and predicts and assesses potential damage to their location of business on the level of each individual disaster.
The Fujitsu Group plans on developing its specialists in order tofurther promote, implement, and improve BCM. In FY 2013, BCMspecialists from each department took part in training to betterunderstand BCP for their own department and learn how toconduct actual BCM activities.Our plan now is to move forward with BCM throughout theentire supply chain, not just our logistics and production supplychains, with efforts that include providing support for BCMsystem creation for our suppliers, with our specialists playing acentral role.
We have taken steps against new strains of influenza based ona three-fold influenza policy- to safeguard lives, to stop thespread of infection, and to ensure business continuity. Wecreated a "Pandemic influenza Preparedness Action Plan" thatstipulates preventive measures in everyday operations and theresponse process to be used if an outbreak occurs. We work todisseminate these to all employees through e-Learning and bydistributing pamphlets. Also, to contribute to the continuity ofsocial infrastructure businesses and the continuity of ourcustomers' businesses should a pandemic occur or a particularlyvirulent new strain of influenza arise, we have established, andcarry out training based on, a "Business Continuity Action Planfor Measures Against Pandemic influenza."
We developed and operate a systematic educational curriculumthat aims for extensive risk management across the entire Group.
Through this curriculum, we inform our employees of ourbasic approach to risk management and the rules to be followed,and cite concrete examples to strengthen our employees'awareness of risk management and their ability to deal with risks.We also hold education and training programs as appropriate onissues such as information security, environmental problems, andnatural disasters.