To ensure the continuity and ongoing progress of our businesses while also fulfilling our corporate social responsibilities, given the globalization of our businesses and rapidly changing economic conditions and the world's high expectations for corporate responsibility, it is important for companies to be committed to executing appropriate and efficient business processes for operating such organizations.
Therefore, to increase the trust of society, Shimadzu has established a risk management system, which encompasses corporate ethics and compliance, fosters a corporate culture that respects corporate ethics and compliance, and engages in activities for ensuring that business risks are properly managed
Risk Management System (including compliance with laws and the corporate code of ethics)
The President is the chief officer responsible for risk management. Below the president, a Risk Management and Corporate Ethics Board meets twice a year as a deliberative body to confirm and decide on policies for company-level risks that require prioritized measures (priority risks) and compliance risks. Those activities are coordinated by the director in charge of risk management and are primarily deployed by departments responsible for the respective risks and committees in charge of company-wide risk management issues, in a top-down manner to other respective departments and Group companies.
Risk Management Assessment Methods
Risk Review Committee (Company-Wide Risk Assessment)-Top-Down Risk Assessment-
Once every two years, in Shimadzu, an assessment of company-wide risks is conducted and corresponding countermeasures are considered at the management level. In the 2015 Risk Review Committee meeting, the committee identified potential risks to the Shimadzu Group based on changes in the business environment that had occurred during the previous two years. Risks that require especially prioritized countermeasures were specified as priority risks (five items) and the specific directors and departments responsible for managing such risks were specified. Six month later, they decided to add another risk that required urgent new risk countermeasures. Currently, risk reduction measures are being implemented for a total of six priority risks, the progress of which is verified by the Risk Management and Corporate Ethics Board.
Control Self Assessment (CSA)-Bottom-up Risk Assessment-
Assuming that those working on the front lines are the most aware of risks, Shimadzu and Group companies in Japan have been implementing a risk management method called control self assessment (CSA) to prevent and control risks within the context of the plan-do-check-action (PDCA) cycle implemented as part of normal front-line business processes. With CSA, assessors self-assess pre-specified patterned risk factors (61 corporate risks) in terms of impact level and incidence rate. Based on those assessment results, each department (or Group company) identifies major risks and then prepares and implements measures to control those risks. CSA results are used not only as a tool for activities in each department (or Group company), but also for corporate risk management. It is also important for risk management to objectively measure the importance of risks and implement countermeasures.