Risk Management Structure
Our risk management structure is described below.
Risk Management Committee
The Committee identifies major risks that could have a serious impact on our business performance, confirms the validity of response measures to major risks, and gives instructions on what additional measure should be considered to our departments that oversee risk and each department.
Departments that oversee risk
When it comes to risk oversight, the departments that oversee risk draft and promote response measures for our Group as a whole by coordinating with our various departments. These departments that oversee risk include the Corporate General Affairs Division, Personnel Division, Corporate Finance & Planning Division, Corporate Production Management & Engineering Division, Corporate Research & Development Division, Information Systems & Data Processing Department, Global Procurement Division, and more.
Each operating department
Each operating department, which includes the sales departments, plants, research and development departments, and more at our Company and our group companies, take various different measures to properly manage risks that arise in the course of performing the duties of their sections and their company as part of their essential duties.
Business Continuity Plans (BCPs)
Of the foreseeable disasters and accidents that could occur,
we regard earthquakes; explosions, fires, and leaks; storm
and flood damage, and pandemics as major emergencies.
We prepare BCPs designed to ensure the continuity of
business when such emergencies occur, and shares these
with our clients as needed. What is more, we have also taken
measures such as ensuring adequate inventories of products
and raw materials, ensuring redundancy with our production
systems, augmenting our supplies of spare parts, and systematizing our restoration structures.
We recognize that the frequency with which disasters and incidents that we regard as major emergencies occur, as well as the magnitude and extent of their impacts, is changing every year as a result of advances in science and technology and the effects of climate change. As such, every year we verify the adequacy of our BCPs based on the latest information. Moving forward, we will continue to reassess our BCPs and provide training.
We retain an extensive array of personal information on customers, shareholders, employees, and others. In addition to personal information, we also retain trade secrets and other confidential information relating to our business partners. All of this information in our possession is important and must be protected. Therefore, we are committed to ensuring that this information is never leaked.
We also have measures in place to address computer security incidents (cyber attacks, phishing sites, illegal access, malware infections, and others) in order to prevent information leakages and improve the security of the information systems we operate.
We have established the Computer Security Incident Response Team of Sumitomo Bakelite Co., Ltd. (SUMIBE-CSIRT). Under both normal circumstances and when incidents arise, SUMIBECSIRT works together with the Corporate General Affairs Division, Information Systems & Data Processing Department, Personnel Division, Intellectual Property Department, and other relevant departments to respond to information security incidents.