Business Continuity Management
We will introduce and enhance the Chief Risk Officer (CRO) system as a major initiative of E-Plan 2025. We established a collaborative system with Risk Officers (ROs) designated in the Corporate division as well as in each in-house company, that coordinate with the other CxOs, to communicate risk incidents from across the Group and provide prompt and appropriate countermeasure instructions, and we are striving to proactively manage risks in a way that enables their transformation into opportunities.
Toru Nakayama
Executive Officer, CRO
In order to minimize risks that hinder the sound existence and development of the EBARA Group, we have shifted our focus from simply responding to individual risks as they appear and instead systematically identify and evaluate risks, take measures to minimize them, and implement continuous improvements to both the system and activities.
We support the healthy global development of the EBARA Group’s business by continuing to strengthen group governance and risk management systems on a global scale. This includes the implementation and maintenance of our company regulation, the Group Administration Basic Rules, and developing systems for emergency situations.
The Risk Management Panel (“RMP”) is an organization that oversees the EBARA Group’s risk management activities, deliberates, and provides guidance and support for improvement. The RMP is chaired by the CEO and every executive officer is a member. Non-Executive Directors sit on the RMP to provide advice and other assistance as necessary to ensure risk management activities are undertaken with adequate objective supervision.
We conduct periodic risk assessments to respond appropriately to changes in the Group's risk environment. These assessments allow us to reevaluate our risk response system, clarify the divisions responsible for each risk and reflect the results in our operations. As a part of the risk response system, in emergency situations or when otherwise deemed necessary, a company wide task force headed by the President, Representative Executive Officer is established, to enable prompt reporting, communication, and decision making.
We have established the CRO Office, which includes the Chief Risk Officer and Risk Officers from each in-house company, creating an overarching risk-response system that transcends traditional business silos.
Risk Management Organizational Structure
Every three years, we conduct a Groupwide assessment of the risks surrounding the EBARA Group. The RMP takes on discussions regarding Groupwide risks, as necessary.
Risk assessments, which span all Group companies, examine the possibility of identified risks materializing within the Group, their potential degree of impact and the residual risk following countermeasures. Then, we reevaluate risk response systems through surveys and interviews with the relevant business and department managers, clarify the responsible departments, and implement measures.
In the event of an urgent situation, we have taken measures to promptly allow for the creation of a task force headed by the President, Representative Executive Officer, so the entire Group can promptly report, communicate, and make decisions to address the situation.
Risk Map
Collaboration with Group companies in each country has been strengthened after implementing response measures for the COVID-19 pandemic, and we have made progress in building a global business continuity management system.
Previously, we mostly focused on preparation for earthquakes domestically. However, other natural disasters such as heavy rain, floods, and typhoons have caused increasingly severe damage in recent years, so we have been working to reduce such damage by preparing physical countermeasures such as sandbags and water bags, especially at our main bases and Group companies in Japan. We are also simultaneously working to raise awareness for disaster preparation and mitigation by distributing disaster preparation guides to every employee and putting disaster response posters up at bases.
We are taking measures to prepare for volcanic eruptions, including at Mt. Fuji. Business continuity plans are mainly developed for and by business segments. Going forward, we will further strengthen our global business continuity management system while also taking into account geopolitical risks.
As global regulations for the protection of personal information are tightening, we have responded to specific regulations, strengthened the EBARA Group global protection system and revised the Group privacy policy. To accelerate global management with data, including the development of a human resources database, we will strengthen information security and personal information protections and minimize risks related to the global use of personal data.
We introduced global insurance in 2022 to further strengthen global risk management. Major Group companies take out insurance uniformly for property, liability, and logistics, and we transfer such risks after developing a Groupwide approach to natural disaster risks, contract risks, and more. We will continuously review the matters and eligibility in our global insurance and conduct efficient, effective risk management.
The EBARA Group’s products, technologies, and services are used in every corner of our society, industry, and daily life,. It is the mission of the EBARA Group to provide products and services to help continue or quickly recover these functions when disaster strikes.
In the event of a disaster of a scale that may disrupt business, the initial response is handled by the local headquarters predetermined at each location. They shall conduct evacuations, rescues, put out fires and any other conduct necessary to secure the safety of employees and others, and prevent further damage to facilities. At the same time, the business continuity and recovery activities begin, with the intent to mitigate damage to ongoing projects and facilitate the rapid recovery of important business. The headquarters for company business continuity measures monitors company wide progress, disseminates information and makes company wide instructions.
In order to quickly gather information on the situation of affected areas during large-scale disasters, we utilize a safety confirmation system and information sharing sheets on a cloud server. In addition, in order to ensure information sharing, satellite phones have been installed at each site, and key members of the disaster response team carry priority disaster phones. Furthermore, in order to ensure that information is not lost via our website even if our head office in Tokyo is damaged, we have established a system in which information is transmitted from our Osaka branch office.
Satellite Phone
We conduct annual simultaneous disaster drills across the domestic EBARA Group including for earthquakes and other disasters.
We also conduct periodic drills for the safety confirmation system for every employee.
Tokyo Head Office (General Headquarters)
Fujisawa District
Sodegaura District
Kumamoto District
We conduct annual drills where we practice setting up the Osaka branch office to provide remote support in the event of a large-scale earthquake under the Tokyo metropolitan area, which prevents the Tokyo headquarters from responding accordingly.
Osaka Branch Office (Secretariat) Information Gathering Drill
Osaka Branch Office (Secretariat) Phone Meeting
We have installed generators, storage batteries, solar panels, etc. at our major business locations to ensure power supply in the event of a power outage. In addition, all Executive Officers have portable storage batteries/solar panels installed in their homes, enabling them to quickly take command of business continuity even during power outages.
Head Office Storage batteries & solar panels
Fujisawa District Solar panels
Fujisawa District Solar panels
We have prepared sandbags and water barriers to prevent flooding at sales offices and business sites with a high risk of being affected by tsunamis or torrential rains.
Three days worth of food, water, survival sheets, and other suppliers are stocked at major locations for use in the event of a large-scale disaster.
We have implemented measures outlined in “Tokyo Metropolitan Government’s Handbook on Measures for Stranded Persons”.
We also regularly share a video on our company intranet to raise awareness on why preventing people from returning home all at once after a disaster is important.
EBARA has been certified as a model company for the Tokyo Metropolitan Government’s promotion of preventing people from returning home all at once (Link leads to Japanese language website)
EBARA Measures (Link leads to Japanese language PDF)
Model Company Certification Mark
We protect our information systems while managing data in an appropriate fashion and never use information in unethical ways. Furthermore we take extensive measures to protect personal information of employees, customers and suppliers alike.
The following five principles are part of the EBARA Group’s information security policy and must be followed by all executive officers and employees of the EBARA Group
1.
Fully understand the impact of information leakage and recognize the necessity of protection from such leakage.
2.
Do not take out important information outside the Company. If necessary for business, get necessary permission.
3.
Take suitable countermeasures against carelessness or other actions which may lead to information leakage, and prepare in advance for the effects of information leakage.
4.
5.
We have implemented the following system to address groupwide information security.
EBARA Group Information Security Management System
We at EBARA Corporation have established Information Security internal regulations and operate in accordance. In addition, we regularly create various manuals, educational materials, and e-learning to educate employees about information security.
We take measures to protect our data and other system infrastructure from earthquakes, power failure and other disaster scenarios. We also protect our infrastructure and other data including documents and storage media through proper security measures such as theft prevention measures and proper disposal methods at various business locations to prevent data leakage.
We strive to ensure our systems and software are always on the cutting edge in order to minimize risks associated with older systems. We also monitor and protect a variety of devices in order to catch security threats early. In addition, we use encryption technology and passwords, etc. to protect sensitive information and minimize information security incidents.
We ensure the proper management of passwords, IDs, approval authority, access to privileged information and systems based on our IT General Control Rules. In addition, we strive for the standardization and systematization of system development, construction, and maintenance.
We are constantly evaluating and working to improve our incident management, duplication of important equipment and networks, back-ups as well as our communication, reporting and established recording processes based on our Management System.
As globally recognized international standards and frameworks continue to raise the level of security globally, we have decided to comply with ISO27001, an international standard for information security, and CIS Controls, a cyber security framework outlining important measures companies should take developed by CIS, a U.S. security nonprofit organization.
We will work as a global group to establish a system that complies with Global CSIRT standards and promote continuous operation and improvement of this system.
Japan and other countries cooperate internationally to control the export of military-sensitive goods and technologies, including relevant dual-use goods and technologies from passing to countries that may threaten the security of the world or terrorists.
The EBARA Group not only complies with relevant laws and regulations, but also actively promotes voluntary control measures to contribute to the maintenance of international peace and safety. The EBARA Group has established the EBARA Security Trade Control Basic Group Policy as follows below.
1.
Comply with all applicable export control laws and regulations in each country and region of operation, and with those of the United States if we are engaged in transactions involving U.S. products and technological information;
2.
Follow, as a corporate group headquartered in Japan, the security trade control measures of the Japanese government and its related requests on a global basis;
3.
Refrain from any transactions that may undermine the maintenance of global peace and security, including, but not limited to international export control regimes;
4
Maintain a thorough understanding of and manage information about all parties, including intermediaries, agents, and customers, and applications for all transactions that involve supplying EBARA Group products, services, or technologies to ensure that those are not used or diverted to weapons of mass destruction or conventional weapons and are for civilian use; and
5
Prohibit any business and transactions relating to specially designated countries and regions, such as North Korea and Iran.
A specialized department at the head office of EBARA is responsible for security trade control activities and the President, Representative Executive Officer holds ultimate responsibility for our established security trade control system. Further, each in-house company has its own security trade control promotion department, which is responsible for ensuring compliance with and implementation of export control-related laws and regulations, and is working not only to prevent violations of laws and regulations but also to prevent transactions that violate our social responsibilities as a corporation.
Inquiry about sustainability
Inquiry Form