About us > CSR Activities > About KYOCERA Document Solutions > Risk Management / Compliance

Risk Management / Compliance

Risk Management

In order to handle ever diversifying risks existing both within and outside of the company, the Kyocera Document Solutions Group has developed a Risk Management System and we work to forecast and prevent risks which may occur, as well as strive to minimize loss if a risk does occur.

Risk Management Policy

To cope with ever more complex global risks, we are working to strengthen risk management throughout our entire group. Efforts are being made, centered on the Risk Management Department, to gather information and take countermeasures beforehand for risks which may impact trust in our group or business continuity. These risks include large-scale disasters, environmental problems, information leaks and unfair labor practices or violation of human rights in the supply chain.

Risk Management System

• Management System Diagram

Management System Diagram

The risk management system of our corporate group operates under the President, who is the Chief Risk Management Officer, and is comprised of a full-time Risk Management Committee Chairperson, Risk Management Committee Members, who serve as department heads, risk management officers selected by the said Committee Members, and the Risk Management Secretariat. We have developed a system to enable prompt response by the Risk Management Department and other related departments if a major event occurs or there are concerns that such an event may occur.
We have established internal company regulations such as management rules for important laws and regulations and the Crisis Management Manual, which is designed to provide measures for emergencies and minimize losses, and we make these regulations available to all employees.

Business Continuity Plan*

Within our group, we are strengthening efforts to achieve continuous action for disaster prevention and ensure business continuity so that we can continue to supply products and services to customers. In Japan, we are strengthening our initial response system in case of a large-scale earthquake or disaster, and developing a system which can stably supply products and services even if there are adverse effects on production due to factors such as interruption of electric power supply, and damage to production equipment.

Results in FY2017

  1. 1We drew up FY2017 targets for disaster-response plans and implemented them.
    We reviewed provisions for disaster response at all plants and departments.
  2. 2According to Business Continuity Plans developed by the department, we conducted drills covering aspects from initial action to restoration response at the Hirakata and Tamaki plants.
  3. 3We surveyed what our major business partners (who supply us with important parts) are doing about their own Business Continuity Plans

Aim for FY2018

  1. 1We will develop FY2018 targets for disaster-response plans for all plants and departments and implement them.
  2. 2We will develop FY2018 targets for Business Continuity Plans relating to supply chain management.
  3. 3We will conduct risk survey at our overseas group companies and establish Business Continuity Plans.

*Business Continuity Plan: Plan to set the measures to prevent interruption of important operations when the risks like disaster occur.

Information Security

Our group strives to use information assets effectively and efficiently. We do this by clarifying the basic rules to be observed, and developing a management system, for situations where employees and other concerned parties handle information assets.

Information Security Policy

Thorough management of information such as technical information and private information is an important obligation in the realm of living up to corporate social responsibilities.
We have established a Core Information Security Policy and Core Private Information Protection Policy and continues to thoroughly manage information handling.

Information Security System

Our group has established a Digital Information Security Committee chaired by the President, and we are implementing measures such as periodic employee education, control of carrying information devices off company premises and strengthening of e-mail security, globally. We are also working to strengthen our system through periodic audits carried out by our legal audit department and IT department.

Results in FY2017

  1. 1We provided training for new employees and mid-career employees in order to strengthen their information regarding security management.
  2. 2We set the usage policy of SaaS (Software as a Service, which is a cloud service wherein a user can access necessary functions when needed, and in the amounts needed), and revised the basic policy of information regarding security and the establishment of its guidelines.
  3. 3We reorganized the Digital Information Security Committee including affiliated companies overseas.

Aim for FY2018

  1. 1We will try to enhance the digital information security currently accessible regarding management by updating learning materials and providing education by e-learning programs for all employees.
  2. 2 In order to maintain confidentiality, integrity and availability of the information, we will acquire ISO27001 and ISO27017, which are international standards for information security.

Compliance

As a member of the Kyocera Group, Kyocera Document Solutions has established Kyocera Employee Action Guidelines as a code for employees, and we abide by all relevant laws inside and outside Japan. Our group works to ensure legal compliance in all our operations through efforts such as management by the department in charge of each respective law, development of an in-house notification system for when new laws come into effect or existing laws are revised and implementation of periodic legal audits.

Legal Compliance Efforts

Understanding and Dealing with Legal Information

In order to ensure compliance with new laws and revised laws, the law investigation department provides notifying information regarding new and revised laws to each department and the legal audit department audits the status of law and ordinance observance in each section regularly.

Legal Audits

Each department carries out a legal self-audit by following a legal checklist, and the legal audit department periodically carries out a legal audit of each department. In this way, our compliance system is constantly maintained and improved.

Results in FY2017

  Target number of headquarters Target number of sections Target number of laws and regulations
Legal self-audit 15 238 97
Legal audit 13 61 90

Aim for FY2018

(From FY2018, Legal self-audit will be abolished, and audits will be operated with a new audit system which focuses on the operational process.)

Secure Export Control and Trading Control System

To ensure compliance with the law in import and export transactions, we maintain a system to cope with laws such as the Foreign Exchange and Foreign Trade Act and the Customs Act.
To ensure secure export control as stipulated in the Foreign Exchange and Foreign Trade Act, we carry out control based on Kyocera Document Solutions Secure Export Control Regulations.
For import and export, we have acquired specified exporter and specified importer authorization from customs authorities, and conduct importing and exporting procedures pursuant to the control rules for business related to trading. We carry out secure export control and internal auditing of trade control, and have confirmed that the system is being properly maintained.

Private Information Protection

As part of our social responsibility, our group is working to ensure conscientious protection of private information obtained from stakeholders in the course of our business activities. Our group has established a Core Private Information Protection Policy, clarified the purposes of using private information, and specified the contact for inquiries. With our employees, we are working to achieve careful management throughout our operations by providing education on the handling of private information. We also established a management system for specific private information ("My Number").
A management system about certain personal information (individual number) is also established.

Efforts to Prevent Insider Trading

Our group has developed a management system to prevent insider trading and is working to ensure all employees are aware of the issue. We have established Rules to Prevent Insider Trading, put in place an internal information management system and established restrictions on buying and selling stocks. Also, to ensure that employees are aware of the issue, we have prepared a Guide for Prevention of Insider Trading and posted it on our in-house portal.

Efforts to Exclude Anti-Social Forces

In the Kyocera Employee Action Guidelines which serve as a code for employees in carrying out their day-to-day work, we promote company-wide awareness by explicitly indicating that we must "combat anti-social forces with a resolute attitude based on the law".
In addition, in dealings with partners and suppliers, we stipulate an exclusion clause regarding anti-social forces in business contracts.

Compliance Education

As part of our efforts to enhance compliance, we conduct compliance education with content organized by level and specific law. Every year, we conduct compliance education for new employees and education on relevant laws and regulations in each department (e.g., the Antimonopoly Act, laws relating to secure export control and laws relating to customs).

Internal Notification System

In the Kyocera Group, we have established an internal notification system to answer questions and discuss issues raised by employees, and enable reporting of conduct violating (or posing a risk of violating) laws, in-house rules or other norms relating to human rights, labor practices, occupational safety and health, the environment and fair trading. We have clarified efforts such as protection of personal privacy, and on that basis we consult with employees directly by telephone, e-mail and other means. We investigate and confirm the content of these discussions by enlisting the cooperation of relevant departments, and take measures to correct problems and prevent their recurrence.

Top of page

About us > CSR Activities > About KYOCERA Document Solutions > Risk Management / Compliance

(C)2018 KYOCERA Document Solutions Inc.