- Sustainability TOP
- Governance
- Risk Management
Risk Management
Basic Approach
In a rapidly changing business and operating environment marked by increasing uncertainty, Isuzu has established a risk management framework by appointing a chief risk management officer (CRMO) to oversee the risk management structure within the Group. The CRMO regularly identifies and assesses risks in the Group’s management and business operations and strives to manage them in an appropriate manner, making particular efforts to reduce them.
Management Structure
The Isuzu Group CRMO holds quarterly risk management review meetings to assess the progress of risk countermeasures in business execution departments and group companies, as well as to address emerging risks. Additionally, these meetings provide instructions for enhancing risk countermeasures and continuously reviewing the awareness of key risks that impact management.
Furthermore, if a risk emerges and triggers a major crisis, the Group CRMO is responsible for forming a response team, in which personnel chosen by the Group CRMO determine and execute various responses to minimize the impact of the risk in question. The results of these activities are constantly reported to management to ensure thorough crisis management at all times.
Risk Management Process
Isuzu comprehensively identifies risks related to its business activities, conducts risk assessments, selects priority risks that require special attention as a company, and formulates and implements response plans and other measures. Additionally, through monitoring, periodic reviews, management reporting, and external dissemination of information on the status of management, we strive to appropriately manage and reduce risks by reviewing priority risks and their countermeasures.
Risks Associated with Business and Others
As risk factors pertaining to Isuzu Group's business operations, the following are the risk factors in the development of Isuzu Group’s operations that relate to the business information, financial information and other information stated in the annual securities report and that may materially affect the judgment of investors. These forward-looking statements are based on the future mentioned in this document are based on Isuzu Group's assessment as of the end of March 2023.
Risk item | Action |
---|---|
Risks attributable to global economy, financial market or automobile market | |
(1) Fluctuation in economic situations and aggregate demand in major markets |
|
(2) Competition in the automobile market |
|
(3) Fluctuations in exchange and interest rates |
|
Risks associated with business operations | |
(4) Reacting to phenomena such as technological innovations and changes in business models |
|
(5) Research and development |
|
(6) Joint ventures and other forms of alliance |
|
(7) Reliance on specific channels in sales and supply |
|
(8) Delays and shortages in procurement of materials and parts and soaring procurement costs |
|
(9) Compliance reputation |
|
(10) Product defects |
|
(11) Information security risks faced by an IT society |
|
(12) Risks concerning protection of intellectual property |
|
(13) Securing and retaining excellent talent, generating results, etc. |
|
(14) Legal restrictions etc. |
|
(15) Risks latent in international activities and overseas expansion |
|
(16) Disasters, etc. |
|
(17) Climate change |
|
- *For details of these risk items, also see our annual securities report.
Information Security
Isuzu established the Group Information Security Policy under the leadership of the Group Chief Information and Security Officer (CISO) from April 2020 to March 2023 and is promoting Group-wide information security management across Isuzu and its consolidated subsidiaries.
At our company, we are establishing and providing education on the information security management structure and standards within the Isuzu Group. We have developed standards for information security not only for IT systems that manage internal confidential information but also for products, plants, and IT system cybersecurity. We have implemented these standards in sequence.
We participate in J-Auto-ISAC*, which collects and analyzes information on automobile cybersecurity and records issues detected in the industry. Moreover, we have established a system to develop and manufacture automobiles with cybersecurity in mind.
These activities are conducted with reference to the Ministry of Economy, Trade and Industry's Cyber Security Management Guidelines, the international regulation UN-R155 adopted by the World Forum for Harmonization of Automotive Standards (WP29) of the United Nations Economic Commission for Europe, and international standards such as ISO21434, ISO27001, and NIST SP800-171. Regarding automotive cybersecurity and systems that impact automotive cybersecurity, we comply the international standards on automotive cybersecurity, which came into effect in July 2022.
Furthermore, based on the aforementioned standards, we conduct an annual review of operational status and continue to advance information security management and improvements.
- *J-Auto-ISAC: Japan Automotive ISAC, a Japanese automotive cybersecurity organization.