As NGK’s business expands, the risks it faces continue to globalize and diversify. To minimize these risks, NGK is putting in place a risk management system.
For instance, the Company avoids and prevents the materialization of operational risks, such as sharp fluctuations in demand or impediments to the facilities investment plan, by discussing budgets and plans at strategy meetings and management meetings or comprehensively considering and analyzing risks in the implementation decision process. Moreover, the Central Disaster Prevention and Control Headquarters and CSR Committee are in place to deal with wind or flood damage, natural disasters, major transportation disasters, and other emergencies.
The Company has introduced control self-assessment (CSA)* as part of developing internal controls to counter day-to-day risks that may occur in the routine performance of duties. These CSA processes identify risks, to which each organization implements individual countermeasures in addition to Group-wide countermeasures implemented by the Human Resources Office, Information Technology Department and other Head Office organizations responsible for risks.
* Control self-assessment (CSA) is a technique by which the personnel responsible for control activities in business operations subjectively verify and assess their own activities with respect to the effectiveness of control activities relating to risk management or internal control.
At a time of increased globalization of business, information exchanged over IT networks and security control of such information are becoming more important. In the NGK Group, the CSR Committee’s Security Subcommittee oversees overall information security across the Group, including security management of IT networks and PC terminals, development of security systems for paper and electronic documents, and management of personal information, and supports the activities of the Information Technology Department and the General Affairs Department.
The use of IT networks entails risks such as virus infection, unauthorized access, and information leakage. The NGK Group has systematically developed its physical network to enhance security levels by establishing a wide-area Ethernet network and shared file server operation.
The Group will continue to steadily reinforce protection against information risks, including further security level enhancement at business sites outside of Japan.
In addition to systems development, another extremely important aspect of information security is dealing with risks arising from the people who actually prepare, use and manage information. NGK ensures reliable operation of information security systems by periodically conducting user surveys and audits, and has also upgraded the electronic information security education component of new employee training and principal position-based training programs.
Furthermore, in response to an increase in the number of PC users and newly emerging IT risks, in December 2008 the Security Subcommittee oversaw preparation of an Electronic Information Security Handbook to ensure the reliable functioning of internal controls. The Company has distributed the handbook to all employees who use NGK PCs, including temporary staff from outside agencies, and plans to use it as a core instructional material to enhance user education.
The Electronic Information Security Handbook
