- CONTENTS LIST
- Basic Concept
- The Fuji Oil Group’s Risk Management System
- Specific Examples of Responses to Risks
- Basic Concept
- The Fuji Oil Group considers risk management to be indispensable for business continuity, conforming to laws and responding to demands from society, including its shareholders and investors. By promoting risk management, we aim to become a highly reliable enterprise that earns the trust of society.
Positioning of risk management in the Fuji Oil Group
- *Risk Management
- Prevent the occurrence of risks related to corporate management and minimize losses and impact when risks occur, to achieve the business plans and targets.
The Fuji Oil Group’s Risk Management* System
Our group has been working to establish a global risk management system appropriate for the holding company structure to which we shifted in October 2015.
Specifically, we have defined the respective roles of the holding company, regional headquarters/regional representative and each group company, and established a Risk Management Committee at each company. Each Risk Management Committee plays a leading role in implementing the PDCA cycle: Plan (identify all possible risks and selecting major risks) → Do (implement countermeasures) → Check (conduct checks) → Act (take action for improvement toward the next fiscal year). We are promoting risk management through close collaboration among the holding company, regional headquarters/regional representative and each group company.
In the event of an emergency, an Emergency Headquarters will be established within the Risk Management Committee, which promotes risk management activities in ordinary times, so that the entire Group can respond to an emergency quickly and appropriately.
The Fuji Oil Group’s Risk Management
PDCA Cycle for Risk Management
Specific Examples of Responses to Risks
Revision of business continuity plan (BCP1) based on the scenario of a major disaster
The Fuji Oil Group is revising and restructuring the BCP formulated in 2012 to make it more effective. The revisions are scheduled for completion in FY 2017.
1. BCP: Business continuity plan
Ensuring information security
To ensure information security, the Fuji Oil Group is working to raise its security level in terms of both rules and technology. Regarding rules, in FY 2016 we formulated Information Management Basic Regulations and Information Security Regulations as Group policies. We will continue employee education to ensure the regulations are thoroughly known by all. Regarding technology, we are taking multilayered measures including mechanisms to prevent unauthorized access from outside the Group’s information systems and to protect against computer viruses. We will continue to verify the information security level.
Information security management system
In response to the increase in threats to information security in recent years, the Fuji Oil Group has established an information security management system under the Risk Management and Compliance Subcommittee of the ESG Committee, which is an advisory body of the Board of Directors. In FY 2016, we inaugurated a CSIRT (Computer Security Incident Response Team). We will promote faster response in the event of an emergency as well as employee understanding of the risks of accidental information leaks, targeted e-mail attacks and virus infections.
Information security education for employees
In FY 2016, in addition to educating new employees about information security, we conducted a targeted e-mail attack exercise at Fuji Oil Holdings. We will continue working to improve employee’s information security literacy through education, training and exercises.
Protection of intellectual property
Obtaining intellectual property rights and establishing a system to prevent Fuji Oil Group’s infringement of such rights owned by other companies
Based on the Fuji Oil Group Management Philosophy, the Group has set forth rules on matters including the handling of intellectual property rights associated with inventions made by its employees while on duty in the Regulations on the Handling of Employee Inventions and the Fuji Oil Group Regulations on Intellectual Property Management. We protect intellectual property by obtaining patents for employee inventions and by strictly managing our technological know-how to ensure its confidentiality. We also keep a close watch on intellectual property rights of other companies to avoid infringing on them.
Educational activities related to intellectual property rights
Fuji Oil Co., Ltd. holds training and study sessions on intellectual property rights and inventions whenever necessary as part of its efforts to educate and enlighten employees. During FY 2016, a seminar on intellectual property was held in February 2017 for new employees involved in research and development who had joined the company six months earlier. The participants were briefed about intellectual property rights and their significance, as well as rules applied to in-house inventions. Moreover, an annual intellectual property rights strategy conference held in October 2016 for employees in development departments focused on intellectual property systems.
Ensuring information system continuity in the event of a natural disaster (ICT-BCP)
In the event of a natural disaster or other incident, information systems are the foundation of business continuity. The Fuji Oil Group has installed its core systems and other systems for important operations at a secure data center. In addition, assuming a scenario of damage to the data center, we have secured operating system continuity with the construction of a DR site2 at a remote location. As a result, even if the data center is affected, operations can resume at the DR site within a few hours to half a day. Moreover, we are preparing for prompt response in the event of a disaster by conducting DR site switchover exercises once a year.
2. DR site: Disaster Recovery site
Note: For information on our response to procurement risks caused by climate change and large-scale disasters, refer to Sustainable Procurement.