Risk management regulations have been established as fundamental requirements for risk management. By following these requirements, we ensure the continuation and stable development of our business, even if substantial risks impacting management should emerge.
Based on these regulations, the relevant departments of the Company analyze and study measures against the various potential risks that could arise in the course of business activities and the Board of Executive Officers and Board of Directors discuss and determine these issues.
At the end of each fiscal year, we perform review of risk items and reporting on the management implementation status based on the Risk Item List.
In addition, with regards to large, high-risk projects, the Investment Committee deliberates in advance on the possible impact or risks on the profitability, business performance, and on the financial situation of the Company, and provides its findings to the Board of Executive Officers and the Board of Directors.
Business continuity risks are becoming increasingly diverse, given the ever-higher incidence of storm and flood damage, emergence of infectious diseases, and proliferation of cyberattacks, among others, in addition to large-scale earthquakes. Against the backdrop of this recent trend, it has become a major management issue to redevelop the BCP by shifting away from the previous model designed
to address a specific type of emergency and embracing an all-hazard model that provides plans for safeguarding business resources susceptible to crisis situations regardless of disaster type.
In fiscal year 2023, we therefore worked to revise internal rules and manuals, prioritizing important operations to be restored and setting target restoration lead times, developing a system for organizing an emergency task force, and establishing the procedures for taking necessary actions. In addition, as a measure against information security risks—primarily associated with cyberattacks—we created manuals for initial response and recovery procedures.
In April 2024, the Disaster Prevention and Countermeasures Committee, which was previously responsible for promoting the BCP, was reorganized into the Disaster Prevention and BCP Committee. Going forward, the new Committee will play a management role in
improving the effectiveness of the BCP by considering issues related to business continuity and implementing actions, as well as by planning and conducting education and training programs for employees and officers.
This Basic Policy on Information Security (“Policy”) has been formulated for the purpose of ensuring that NS United Kaiun Kaisha, Ltd. and its group companies (“NSU Group”), as part of efforts to realize the Group Corporate Philosophy, properly handle and appropriately protect information assets related to individuals, customers, business partners and other parties that are retained and stored by the NSU Group in the course of business activities and for the purpose of business as well as information systems needed to handle information, and conduct measures to prevent the occurrence of information security incidents under the NSU Group’s management and continuously improve the safety of information security.