Mazda 2014 Annual Report Download - page 34

Download and view the complete annual report

Please find page 34 of the 2014 Mazda annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 67

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67

Risk Management
Mazda identifies issues related to various internal
and external risks and controls them based on their
degree of importance, so as to ensure continuous,
stable progress of business activities.
At Mazda, in accordance with the Basic Policy on
Risk Management, Risk Management Regulations,
and other related internal regulations, individual
business risks are managed by the department in
charge of that business area while Company-wide
risks are appropriately handled by departments that
carry out business on a Company-wide basis. Mazda
continues to strengthen risk management following
the PDCA cycle.
During emergencies, such as natural disasters or
situations that create serious managerial conse-
quences, Mazda takes appropriate measures in refer-
ence to its internal regulations, including establishing
an emergency response taskforce when necessary.
Moreover, every year, key agenda items are
established in the Risk Compliance Committee and
the risk management status is confirmed/evalu-
ated in each department. Through these activities,
Mazda aims to further enhance risk management.
In the March 2013 fiscal year, the Emergency
Manage ment Regulations was consolidated into the
Risk Management Regulations. Mazda con tinues its
activities to identify and reduce various internal and
external risks.
Response to Accidents and
Other Emergencies
Mazda has been systematically undertaking prepara-
tory measures for major earthquakes since the March
2014 fiscal year. Examples of such “hardware and
“software” measures include quake-proofing build-
ings and facilities, and raising embankments, as
well as maintaining emergency-contact networks,
organiz ing self-disaster-defense teams, developing
manuals, selecting tsunami evacuation areas, and
carrying out evacuation drills.
Specifically, disaster drills are held every year
both jointly with the fire authorities and solely by
Mazda’s self-disaster-defense teams to confirm initial
response to an emergency. In the March 2014 fiscal
year, 18,200 employees participated in disaster drills,
fire drills, and first-aid drills (using AED).
Further, based on lessons learned from the Great
East Japan Earthquake, Mazda has communicated to
all employees the procedures for initial responses and
manuals for operating self-disaster-defense teams,
which were newly clarified in the March 2014 fiscal
year, with the aim of confirming and reviewing the
precautions and initial responses in each workplace.
Steady efforts to enhance both “hardware and
“software” aspects of emergency readiness will
continue in preparation for the Nankai Trough
Earthquake or other large earthquakes and
tsunami associated therewith.
Information Security
Personal information and other important informa-
tion are appropriately managed and protected
based on the established information management
policies and internal regulations, so as to ensure
information security.
To raise employees awareness about informa-
tion security, Mazda requires its employees to
execute training on the management of confiden-
tial information, protection of personal informa-
tion, and IT security upon newly joining the
Company. Management of confidential information
is covered in the introduction program, while
e-learning is used for personal information protec-
tion and IT security training. Other continuous
education efforts are also available, including an
Intranet site dedicated to information and knowl-
edge on information security.
For companies in the Mazda Group, Mazda
provides guidelines and educational tools regarding
information security, realizing a Group-wide effort
to ensure information security.
IT Security Management Rules
The IT security policy based on the BS 7799*
framework has been established as IT security
management rules, under which the mechanisms
for security control and monitoring that should be
incorporated into IT systems are determined.
Whether such mechanisms are properly installed
and operated is confirmed on both a regular and
random basis.
* Standards on information security management established by
the British Standards Institution (BSI), on which ISO/IEC27001 &
27002, the current international standards for information
security management, are based.
consideration is given to whether the appropriate
business conduct of the certified public accountants
and others was to the ensured level.
Internal Control
Mazda has established the Mazda Corporate Ethics
Code of Conduct, which states action guidelines for
employees, the Finance Control Guideline for global
financial control, and other guidelines. Based on
these guidelines, each department develops rules,
procedures, manuals, etc., to promote establish-
ment of internal control.
For Group companies, cooperative systems have
been established in accordance with the Domestic
Affiliates Administration Rules and the Overseas
Affiliates Administration Rules. At Mazda, the depart-
ment responsible for each Group company supports
training and promotion for internal controls at the
respective Group company.
Mazda Internal Controls
Enhancement of IT Security
Setting IT Security Management Regulations
IT system auditing, etc.
Monitoring
Self-diagnosis of internal controls
Internal auditing, etc.
Information and Communication
Internal control sign-off system
Mazda Global Hotline, etc.
Control Activities
Developing / operating work processes
(Developing procedures, manager approvals, etc.)
Risk Assessment
Risk Compliance Committee
Revising self-diagnosis checklist, etc.
Efficacy /
Efficiency
Financial
Reporting Compliance Asset
Protection
Control Environment
Mazda Corporate Ethics Code of Conduct
Finance Control Guideline, etc.
Overseas Group Companies
Group Companies in Japan
Mazda
Risk Management Structure in Normal Times
Risk Compliance Committee
Chairperson: Executive Officer in charge of Compliance /
Risk Management
Representative Director and President
Departments within Mazda Mazda Group Companies
Emergency Risk Management Structure
Executive Officer in charge of Risk Management
Emergency Response Taskforce
Representative Director and President
Departments within Mazda Mazda Group Companies
In the event of incidents that fall outside the scope of existing risk
management organizations and require a coordinated interdepart-
mental response, the executive officer in charge of risk management
will consult with the president, establish an emergency response
taskforce, and appoint a general manager of this taskforce.
32
Mazda Annual Report 2014
CONTENTS
Review of Operations
Foundations Underpinning
Sustainable Growth
Message from Management
Introduction
Brand Value Management
Financial Section