Implementing Risk Management

Basic Principles and Structure for Risk Management

As Komatsu continues to make efforts to increase its corporate value, it recognizes as major risks those risk factors that could threaten the company's sustained growth, particularly compliance issues, environmental issues, product quality concerns, accidents, and information security problems.

The company has adopted the following measures to counter these risks.

  • Komatsu has established Risk Management Rules to correctly recognize and manage risks. The company has appointed personnel to oversee individual risks, further promoting the build-up of a solid foundation for risk management.
  • Komatsu has established a Risk Management Committee to devise relevant policies for the entire Komatsu Group, evaluate and improve upon risk measures in place, and take control of risks when they arise. The Risk Management Committee regularly reports on its deliberations and activities to the Board of Directors.
  • Komatsu will establish an emergency headquarters when serious risks occur and implement appropriate measures to minimize damage.

Implementing a Business Continuity Plan for Komatsu

Komatsu has formulated a Business Continuity Plan (BCP) to carry out major operations without suspension, or restore them after only a short suspension, should a disaster or accident occur. The company conducted training drills at the Head Office, assuming an earthquake occurring directly beneath the Greater Tokyo Metropolitan area. These drills aimed to empower employees to take appropriate actions in the event of an actual disaster. Komatsu's manufacturing plants have used their BCPs to strengthen the ability of buildings and equipment to withstand earthquakes and step up measures to cope with concentrated torrential rain falls. Also, in the incidence and spread of new types of influenza, Komatsu will establish a committee and respond accordingly. To help employees cope with the disease, an action manual has been developed covering prevention and outbreak periods, with education and training also underway to ensure more thorough understanding.

Promoting Risk Management throughout the Group

To reinforce the risk management structure across the Group, Komatsu is establishing a route for risk reporting, creating a risk management manual, as well as refining the level of risk management at each Group company through explanatory meetings and study sessions on risk management and BCPs. Additionally, Komatsu is strengthening its Group-wide system for communications in times of emergency by introducing safety confirmation systems, broad-area wireless devices, and other useful tools.

Strengthening Information Security

Komatsu is developing an information security structure for the entire Group, placing the Information Security Committee at its center. As one sphere of this structure, the Company distributes an Information Security Guidebook to all employees. In conjunction with this, it provides education and awareness-raising activities based on the Guidebook, with the belief that it is essential to raise individual employee consciousness of information security. In addition, the company is developing a structure to prevent information from being divulged, even in the case of negligence or outside intrusion. The company is also conducting information security audits, to ensure that these measures are working effectively, and to detect and address any problems.