Sustainability
Risk Management
Fuji Electric is strengthening its risk management to maximize corporate value and minimize the potential impact of risks.
Basic Policies
Based on the Fuji Electric Risk Management Rules, the Company manages risks in a coordinated, systematic manner. We practice appropriate management and counter various risks that could affect Fuji Electric’s management in order to prevent risks from materializing (crisis situations), thereby minimizing the impact on management in the event that risks do materialize.
Risk Management System
The Company’s business divisions and affiliated companies are responsible for managing risks related to their business activities as a part of their business duty, developing appropriate risk management systems, and implementing risk countermeasures.
Significant risks, such as those related to business plans and large-scale investments, are reported at the Executive Committee as appropriate to facilitate the sharing of information. We also have manuals in place to ensure that risks are steadily managed. We provide training in handling each type of risk and inform the whole Company about our efforts to manage risks through company magazines and other appropriate means.
The internal auditing divisions conduct regular audits to check whether each business division and affiliated company identifies and evaluates risks based on the Fuji Electric Risk Management Rules, defines countermeasure policies, and properly builds and operates management systems.
Emergency response
If an emergency arises due to a large-scale disaster or any other serious cause, we need to act to prevent the situation from becoming any worse and resolve the situation as soon as possible. Hence, we have guidelines in place on preparations for possible emergencies, an emergency contact network, and setting up an emergency task force.
Risk management process
When annual budgets are formulated, the Company’s business divisions and affiliated companies gain an understanding of and evaluate risks related to their business activities.
Policies and countermeasures in response to risks (aversion, mitigation, relocation, retention, and so forth) are considered based on their impact on management and frequency of occurrence, and each division appoints a person in charge of policy and countermeasure execution.
We conduct an interim follow-up at the end of the second quarter to implement an annual evaluation of risk measures, including the results of education and training, and to reflect them in the risk management system based on revisions to laws, regulations, and other rules as well as our experience in responding to risks. In this way, we improve the measures for the next fiscal year.
The statuses of these management systems and operations are regularly audited by the internal auditing divisions.
We also conduct mid-year progress checks at the end of the second quarter of each fiscal year to improve and effectively implement risk countermeasures.
Responding to natural disasters and accidents(BCP efforts)
for active business
continuity efforts,
leading to the acquisition of
Resilience certification
In order to resume and continue the important businesses within the required time even when unforeseen situations such as large-scale natural disasters and accidents occur, we have formulated business continuity plans (BCPs), and are making efforts companywide for continuous improvement, based on the Fuji Electric Business Continuity Management (BCM) Rules.
In addition to formulating BCPs at the head office, factories, and area operations, which serve as contact points with customers, we have formulated BCPs for functions that are essential for business continuity, such as measures for early recovery and minimizing damage to IT systems, response to natural disaster risks in the procurement field, and multi-sourcing. Furthermore, we implement education and training based on the formulated BCPs and we are working to strengthen our business continuity capabilities by regularly evaluating the effectiveness of the BCPs and their management system in order to make improvements.
In fiscal 2023, we packaged and deployed a training program at each of our bases, which encompassed advance preparations, progress on the day of the training, and support through to the end of the training. This enables each base to improve its BCP based on the insights obtained through voluntary BCP training, which ensures the PDCA cycle and enhances our ability to implement business continuity.
Fuji Electric has also been positively evaluated for its active business continuity efforts, and we have therefore acquired Resilience certification.
Contributing to Business Continuity through Stable Procurement
By identifying, assessing, and addressing supply chain risks, we aim to build stable material procurement and production systems over the medium and long terms.
The Company utilizes a disaster prevention information system that can identify business partners located in areas where special warnings regarding earthquakes and weather have been issued in Japan. In fiscal 2023, in our disaster prevention information system, we expanded the registration of secondary suppliers and registered data to cover a total of approximately 11,000 primary and secondary suppliers. In fiscal 2024, we aim to register about 100 overseas business partners in order to establish a system for identifying suppliers located in the same types of areas where warnings are issued in Japan. Through these activities, we will quickly gather information on whether risks to our production activities have manifested, and we will continue to aim to further visualize risks in the supply chain.
To reduce the risk of relying on a single supplier (single source), the Company conducts risk assessments for approximately 200,000 parts and materials that are ordered on an ongoing basis and is working to achieve multi-sourcing*1 of parts and materials that are currently single-sourced. As of fiscal 2023, we have established multi-sourcing for approximately 80% of procured parts and materials. From 2024, in preparation for procurement risks due to national risks (e.g., lockdowns, natural disasters, and conflicts), among the components for which multi-sourcing has already been established, we will promote procurement risk avoidance through multi-country*2 procurement for electronic and electric parts and materials. We will continue to evaluate and study the items in Category D, for which multi-sourcing has not yet been achieved, and the items in Category E, for which no substitutes are available, and we will further strengthen measures such as concluding long-term contracts and maintaining a stock of such components.
-
*1
-
Multi-sourcing refers to a system in which materials are procured from multiple business partners.
-
*2
-
To establish a system that allows procurement from multiple manufacturing countries (domestic + overseas, multiple overseas, and the like).
Efforts to improve quality
With regard to quality, we formulate the High Reliability Activities Policy annually and implement it in each of our business divisions and factories to promote improvement activities.
To improve quality in the development and design stages, we are strengthening verification of new technologies and design changes as well as reinforcing the design review system during product planning. We are also digitizing quality information in manufacturing processes and utilizing digital data from automated outgoing inspections and tests for statistical process control (SPC control) and other purposes to eliminate human error and to eliminate equipment failure risks.
To improve process quality, in addition to internal audits conducted at each factory on manufacturing process management statuses, we implement mutual diagnosis by experts from other bases. The results and insights obtained are reflected in mechanisms and rules to improve quality control standards.
Information Security Measures
Efforts to maintain and strengthen information security
To properly manage as confidential information all asset value such as management, commercial and technical information and personal information held by Fuji Electric, the Company has redeveloped and rolled out policies and regulations related to information security based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
Furthermore, we have also established management systems at Fuji Electric as well as Group companies in Japan and overseas, and we provide regular training to all of our employees, manage access to operating sites and offices, implement Internet device and computer security measures, and conduct annual inspections regarding the status of efforts taken by each workplace.
In addition, to respond to increasingly diversified and sophisticated cyber-security threats, we endeavor to strengthen our computer security incident response team and security operation center (CSIRT/SOC), our monitoring of signs and information related to new cyber attacks, and our information-system defense and attack monitoring functions.
At our bases as well, we strive to improve our information security countermeasures based on the requirements of our business partners, related industry organization guidelines, market trends, and other factors, and in businesses for which public certification of information security management is required, two departments and two subsidiaries of Fuji Electric Co., Ltd. have acquired information security management system (ISMS) certification. Furthermore, concerning personal information protection, Fuji Electric Co., Ltd. and three of its subsidiaries have been granted the Privacy Mark.
In fiscal 2023, the Tokyo Factory and the Suzuka Factory, our main energy and industry factories, acquired certification under the IEC* 62443-4-1 international standard for control system security. We will continue to endeavor to acquire certifications at other factories.
External Certification Related to Information Security
Implementing Information Security Audits
Fuji Electric conducts internal audits as a part of efforts to lift the level of information security on a continuous basis. In fiscal 2023, internal audits were conducted at all of Fuji Electric's departments and divisions as well as 29 consolidated subsidiaries in Japan and 31 consolidated subsidiaries overseas.
For issues identified by the internal audits, the divisions and companies will create improvement plans and all of Fuji Electric, including its overseas sites, will work to continually improve.
Information Security Education and Training
Fuji Electric conducts regular information security trainings and works to improve information security awareness and knowledge among all employees.
Other affiliated 53 companies in Japan and overseas conduct their own respective information security education and training.
Coordination with Information Security-Related Organizations
Fuji Electric participates in or coordinates with the following information security-related organizations.
-
1.
Nippon CSIRT Association
-
2.
Japan Computer Emergency Response Team Coordination Center
Measures to Prevent Infringement of Intellectual Property Rights
As part of our intellectual property activities, we employ a system to monitor other companies’ patents on a daily basis to prevent any inadvertent infringement of patents held by third parties.
We also conduct compliance training for employees as part of our effort to prevent infringements.
With respect to our own technologies, we actively acquire patent rights to protect our business. Fuji Electric continues to address overseas intellectual property issues and implement measures against counterfeit products to minimize business risks related to intellectual property.
