Risk Management
Basic Stance/Policy
We maintain a forward-looking risk management structure that actively involves management in order to support risk-taking by executive staff.
Policy
We facilitate assertive governance with elements of bold risk-taking.
Activities and Results (Including Goals)
Risk Management Activities
We prevent risks and minimize losses by instituting controls for risk categories, managing and reducing unavoidable risks, and otherwise managing risks across the entire Group in order to facilitate assertive governance with elements of bold risk-taking.
2023 Activities
Review of everyday prevention activities
・Risk assessment of THK business activities: The known risks of 30 departments across THK were ascertained, identified, categorized, and evaluated.
・Risk assessment of THK Group company business activities: The known risks of 29 Group companies in and outside of Japan were ascertained, identified, categorized, and evaluated.
・Analysis of risk assessment results: Risks were mapped according to their probability and impact based on the aggregated results of the risk assessments of each company and department. The severity of each risk to the THK Group was thus evaluated, and the priority for implementing countermeasures was determined.
・Report to management: The results of the risk assessments were reported to the Board of Directors.
Verification of cross-held stocks
・Verification of primary cross-held stocks: The medium- to long-term financial sense and future outlook of primary cross-held stocks were verified.
Information Security
Policy
Establish, instill, and maintain the THK Group information security structure
While information utilization is indispensable for corporate growth in modern society, security risks associated with that same information are also growing. Companies can lose trust and experience extensive losses from a single information leak. As THK strives to strengthen its company-wide information security structure, it also works to increase the level of employee awareness.
Information Security Structure
The Information Security Committee, chaired by the President, convened four times this year. This committee, which is attended by outside directors and legal counsel, made decisions concerning policies related to the establishment of an information security structure and discussed responses to information security concerns.
Information Security Structure
Complying with laws protecting personal information
When the GDPR (General Data Protection Regulation) entered into force in May 2018, we set up a fixed structure that included the establishment of a privacy policy and internal regulations that comply with the GDPR. As other legislation protecting personal information continues to be enacted in various countries and regions, we will properly manage personal information by confirming which laws apply to our Group and amend our privacy policy to establish a structure that safeguards personal information around the world.
2023 Activities
Increasing information security awareness
・Performed targeted e-mail attack drills:A total of 362 employees from select departments were part of targeted e-mail attack drills conducted in August that replicated an attack on the company.
・Conducted training:Throughout the year, courses on basic information security knowledge were held for approximately 160 people, including new hires and other employees from various departments, at THK INTECHS Sendai.
In August, a lawyer was invited to hold a training session on regulations concerning information leaks for 40 related members at THK Wuxi.
Continual improvement of the information security structure
・Performed information security audits:Information security audits were performed in May and December for the sake of verifying adherence to rules related to information security and supporting improvements at each facility and in each department, and no issues were observed with regard to operations.
・Performed information security self-assessment:In October, employees were given an information security self-assessment meant to help identify and improve on problems with the information security structure.
Strengthening infrastructure equipment
・Identified specific weaknesses:In December, TME (France) worked with consultants to identify specific weaknesses in its systems and infrastructure, which included:
・Physical infiltration
・System infiltration from within the company
・System infiltration from outside of the company
・Analysis of systems and processes related to security
・Strengthened backup structures:TME installed two new data servers and one new backup server. Using real-time server replication, they constructed a backup impervious to infiltration to curtail the risk of ransomware and data loss.
BCP (Business Continuity Plan)
Policy
As a company that supports industry around the world, it is our essential social responsibility to minimize any negative impact on society by fulfilling our responsibility to supply parts even in the event of unforeseen disasters.
Process Flow for Emergency Situations
Activities and Results (Including Goals)
BCP Strategies for a Large-Scale Earthquake
|
Activity |
Description |
|
Supplying products |
|
|---|---|
|
Servers |
|
|
Earthquake-proofing |
|
|
Emergency supplies |
|
|
Safety drills |
|
Back-up Facilities
Including Group companies, THK currently possesses 12 manufacturing facilities in Japan and 25 overseas. In the event of a disaster at one factory, we have designated back-up facilities to produce the impacted product lines. Depending on the circumstances of the disaster and with the exception of a few specialized products, we have established a framework to immediately initiate production at the back-up facilities.
Boosting Production Capabilities of International Group Factories
We are enhancing our ability to provide products by expanding our current factories and constructing new ones based on market demand for our products and our global strategy. As a result, we have strengthened our ability to respond to disaster situations. We are also expanding our production volumes and shortening lead times by improving the efficiency of our manufacturing processes through automation at all of our production facilities both in and outside of Japan.
BCP measure: Maintaining main and backup servers in separate data centers
All of our data is stored and managed at two data centers in Japan to function as backups so that our sales and production activities can continue even after an earthquake or other natural disaster.
BCP measure: Practicing switching to backup servers in case main servers were to go down (once per year)
We have a schedule for rehearsing the process of switching over to backups in the event of a problem with our main equipment due to an earthquake or other natural disaster. We use a combination of practicing with the actual equipment and tabletop exercises with the staff in charge.
Earthquake-proofing: Installing equipment to prevent toppling of shelves that hold components, fixtures, and tools (Production facilities)
At our production facilities, we install equipment to prevent the toppling of storage shelves.
We also install seismic isolation systems for important machines, production tool racks, and more.
Earthquake-proofing: Installing equipment to prevent toppling (Sales offices)
We earthquake-proof items by installing equipment to prevent them from toppling.
All production and sales facilities: potable water, food, sanitary items, emergency supplies, and rescue equipment
All business locations are equipped with emergency supplies.
Safety drill: Annual drills at all locations
All production facilities perform emergency drills.
Sales offices perform emergency drills according to their tenant requirements.
Efforts at Each Facility
Kofu Plant: Improving the Fire Shutters
The technical building's fire shutters, which remove harmful smoke in the event of an industrial fire, were improved in November to secure a safe evacuation route for employees.
THK NIIGATA Plant: Conducting Fire Extinguisher and Evacuation Drills
Three training sessions were conducted through September and October to train the in-house firefighting team and night shift members on how to handle the initial response in case of a fire. Each person received hands-on training on how to use a fire extinguisher after observing a fire fighter's demonstration.
An evacuation drill was also conducted in October for employees, temporary workers, on-site business partners, and visitors to check their preparedness for an actual fire. Special drills were also conducted regarding firefighting team discipline, fire hydrant use, chemical spills, disaster reporting, initial response to fires, and supporting people with disabilities. (See the pictures below.)
THK Wuxi Plant: Strengthening THK's BCP Structure
To prevent an interruption of production due to an increasing rate of COVID-19 infections, employees resided on-site, and everything they needed to be able to continue production was prepared for them.
Items prepared: 1. Sleeping mats for 300 people 2. 11 shower stalls (installed in the washroom) 3. 7 washing machines 4. Medical supplies (OTC medicines, rubbing alcohol, masks, and antigen testing kits) 5. Other emergency supplies (food and water)
THK Wuxi Plant: Strengthening Factory Security at the Entrance
The following security measures were strengthened at the plant entrance in November to prevent theft and the leaking of information from within the plant.
