Governance

Risk Management

Basic Policy

At Casio, we are promoting risk management under the basic policy to predict risks, implement preventative measures to minimize potential losses, and, if losses are incurred, implement effective follow-up measures to ensure business continuity.
Moreover, we have established the Casio Group Code of Conduct for all officers and employees to act with high ethical values and good sense in addition to obey international norms, applicable laws in each country and region, as well as company rules.

Internal Control Committee

The Internal Control Committee is established as an independent organization under the Board of Directors that will deliberate and make decisions on policies and tasks concerning internal control in general within the Casio Group in order to realize an effective, streamlined, and fail-proof risk management structure which carries out cross-sectional integration of compliance, information security, and other risk management functions.

Compliance and Risk Management Structure

Figure: Compliance and Risk Management Structure

Risk Management Structure

Risks that pose a serious impact on management are managed following the structure below based on the Risk Management Rules through collaboration among relevant organizations under the supervision of the Internal Control Committee.

Basic Structure

We will continue to develop education, training, and procedural manuals that serve as the foundation of Companywide risk management to prevent losses and minimize the impact on Company operations in the event of an incident.

Response Implementation Structure

This will serve as a total structure that ensures stable business continuity by enabling effective initial response, including prompt status assessment and information communication, and appropriate decision-making in the event of an incident.

Implementation of Global Risk Survey

In order to effectively conduct risk management, we predict various risks that may involve the Casio Group, and conduct global risk surveys to identify the frequency and impact of risks occurring and assess if appropriate measures are taken. Currently, we have identified three important risks—competition law, privacy law, and cybersecurity—and are implementing the following measures.

Competition Law

We have established the Antitrust Compliance Program to be shared and promoted at all global locations and are conducting employee education. In Japan, the Act against Unjustifiable Premiums and Misleading Representations Compliance Committee was established by relevant departments, and awareness promotion activities, including development of self-management regulations and education, are being implemented. Moreover, we are striving to provide guidance through the responsible staff office, share customer opinions and feedback, and share case studies from self-audits and improvements implemented in relevant departments. Going forward, we will conduct regular audits based on the implementation status of education, and further enforce this program.

Privacy Law

As laws and regulations concerning personal information become more stringent globally, in order to promote business using data worldwide, we must adhere to the privacy laws of each country. To this end, we have established the DPO Team, which tracks legal trends of each country, ensures the appropriate handling of personal information—from acquiring to storage, usage, and disposal—and conducts employee education and regular audits.

Cybersecurity

We have established the Computer Security Incident Response Team (CSIRT) so that we can take accurate response to information security incidents that are on the rise and take rapid action in the case of an incident. While implementing technical measures within the Group backed mainly by the Information Technology & Engineering Department, we are working on defining rules and conducting education among employees.

Response to the COVID-19 Pandemic

The COVID-19 pandemic has significantly affected Casio’s business, severing the supply chain of components from China for a time and requiring sales stores to pause operations around the world. Casio launched a task force in late January 2020 tasked with ensuring the safety of customers, business partners, and employees and their families, and is making preventing the spread of the virus a top priority. Casio is also working with related divisions both within and outside the Company, and doing all it can to minimize the impact of the pandemic on its business.
As a specific initiative to prevent the spread of the virus among employees, Casio moved up the introduction of its planned remote work system for those employees that could work at home. Employees who had to be on site to do their jobs were asked to come in on a staggered schedule, commute in their own cars, and use online meetings to reduce opportunities for interaction.
With these measures, Casio worked hard to sustain its business even in periods when the coronavirus outbreak was at its worst. The Company is committed to providing the products and services that customers need, as well as to fulfilling its social responsibility for the business continuity of its business partners.

Business Continuity Plan (BCP) Initiatives

In order to respond to emergencies with the resources of the company organization, Casio has created a Crisis Management Manual for securing the safety of all employees, executives, and their families, preserving corporate assets. Sequential updates of the manual keep pace with changes in the business environment, and the company is taking practical initiatives at the same time. Specifically, the following measures have already been undertaken:

  • Implementation of regular evacuation drills and general lifesaving classes for employees
  • Distribution of emergency assistance kits to employees and additional disaster stockpiling
  • Disaster prevention drill with the local community and provision of an open area for a temporary evacuation site

However, in the Great East Japan Earthquake, which struck in March 2011, circumstances were encountered that far exceeded previous expectations. Casio used the lessons learned to identify various points for improvement. These points were reflected in a largely-revised Crisis Management Manual based on the premise of responding to a major earthquake with Tokyo at its epicenter. Casio also produced the Disaster Handbook for the families of its employees to deepen understanding of disaster countermeasures in the home and promote disaster readiness.

Together with the initiatives above, Casio is working to enhance its business continuity plan (BCP). In the event of an emergency that interrupts business operations, such as a major earthquake with an epicenter in the Tokyo area, the plan outlines measures for the rapid confirmation of executive and employee whereabouts and well-being, as well as damage conditions, and the quick recovery and maintenance of operations. This mechanism is focused on Casio’s global supply chain. For example, if the headquarters suffers a disaster, an emergency headquarters is set up at the appropriate key site, based on a priority determined in advance. Under the direction of the headquarters, the aim is to minimize damage by continuing to provide products and services to customers worldwide based on limited resources. Through rapid restoration of business operation, the confidence of business partners and customers is maintained.

Information System Disaster Response Measures

Establishing comprehensive systems to support business activities has become increasingly important to ensuring business continuity. In addition to being prepared for natural disasters such as earthquakes and typhoons, Casio provides employees with a remote work environment so they can stay home during outbreaks of disease, such as the COVID-19 pandemic.

To counter the risk of disaster, Casio utilizes robust external data centers with quake-absorbing structures and in-house power generation and ensures the safety of its important servers. Moreover, in addition to ensuring information security, particularly the communication environment (portal site for employees, e-mail, online meetings, etc.), the company uses external services to enhance security.

As a result of these responses, Casio has been able to make a smooth transition to remote work and to support business continuity on the systems side, adapting even to the state of emergency declared by the Japanese government due to the coronavirus.

Information Security

Casio strives to appropriately manage and handle all of its information assets, including information that it collects from customers and suppliers.
Casio has established Information Security Rules and implemented regular education for employees to continuously raise awareness of information security and ensure the implementation of safety measures.
Additionally, Casio implements measures in compliance with laws and regulations outside Japan, including the EU’s General Data Protection Regulation (GDPR), which covers the handling of personal information of European users.

Education and Awareness Raising

Information security cannot rely only on technical measures; it is also important for everyone handling information to know the required safety procedures, and to incorporate them into their work habits. At Casio, all officers and employees receive regular information security training through e-learning. The training covers general information security, as well as protection of personal information and other compliance matters, based on changes in society and in the company's business environment. Information security is being improved by providing this training content in a timely manner.
In addition, an information security handbook summarizing basic matters in clear, concise content for users has been issued to raise awareness throughout the Casio Group. The handbook has been translated and is used for training and awareness building by companies outside Japan.

Initiatives to Prevent Information Leakage

As an initiative to prevent information leakage, Casio ensures, as an organizational measure, that all employees handling information understand and follow necessary safety procedures. Casio has established internal rules regarding such matters as limitations on taking information or information devices off company premises and on sending emails externally, as well as proper information disposal. Training is provided on these rules in an effort to raise awareness and strengthen measures to prevent information leakage.
As a technical safety measure, Casio is strengthening its ability to monitor unauthorized access to its websites and suspicious transmissions on its internal network, in order to upgrade its preparedness against the recently growing threat of targeted attacks and other external attacks such as those from malware.
Accompanying the growth of remote work, Casio has further strengthened security measures at end points, such as the computers used by employees, and has deployed a multilayered defense system.

Information Security Certification and Initiatives

As an initiative to prevent information leakage, Casio ensures, as an organizational measure, that all employees handling information understand and follow necessary safety procedures. Casio has established internal rules regarding such matters as limitations on taking information or information devices off company premises and on sending emails externally, as well as proper information disposal. Training is provided on these rules in an effort to raise awareness and strengthen measures to prevent information leakage.

Image: Privacy Mark

As a technical safety measure, Casio is strengthening its ability to monitor unauthorized access to its websites and suspicious transmissions on its internal network, in order to upgrade its preparedness against the recently growing threat of targeted attacks and other external attacks such as those from malware.
Internal measures include the installation of security software and patches on company PCs, and a multi-layered defense has been created.

Image: JQA-IM0536
JQA-IM0536

Scope of application/operations for ISO27001 certification:

Information Technology & Engineering Department Casio Computer Co., Ltd.
Planning, development, maintenance and operation of internal information systems supporting the manufacture, sale and service operations for electronic devices at Casio Computer Co., Ltd. and each group company, and the development, maintenance and operation of network infrastructure for the Casio Group

  • *1 Privacy Mark: A program where the Japan Information Processing Development Corporation, a public-service foundation, evaluates the adequacy of corporate protective measures related to the handling of personal data. Companies that are found to have adequate protective measures in place are certified and permitted to display the Privacy Mark.
  • *2 A program whereby a company establishes a system for using, maintaining, and protecting information within the applicable scope (e.g., business, locations) based on international standards for information security management systems, and a certification body conducts audits of the system and issues certifications.

Stable Supply of Products

Approach to Stable Product Supply

Delivering a stable supply of products is one of the most important responsibilities of a manufacturer, and is required to ensure customer satisfaction and loyalty.
Casio aims to optimize the innovation process by leveraging its robust platforms for purchasing and manufacturing technologies. This allows Casio to consistently provide the market with high-quality products at reasonable prices while raising customer satisfaction.

Policies on Stable Product Supply

  • Formulate and execute on strategy to achieve optimal production
    Casio formulates and executes a “site strategy,” “technology strategy” and “investment strategy” to achieve an optimal and stable supply chain.
  • Pursue faster speed and greater efficiency in production, sales, and inventory process
    Casio works every day to raise the speed and enhance efficiency with the aim of optimizing production, sales and inventory by assessing the entire supply chain and always considering the customer’s perspective.

Supply Network Is Highly Responsive to Changes in Demand

Demand has changed dramatically due to the impact of the COVID-19 pandemic in fiscal 2021. Casio aims to optimize production, sales and inventory, without sticking to previous divisions of rules and systems. Examples of specific activities include early achievement of supply chain reforms and engineering reforms aimed at the post-COVID period.

  • Supply chain reform (Optimize production, sales and inventory with the minimum amount of resources and staff)
    • Promote automation of operations (reduce steady-state operations)
    • Introduce production linked to real demand (PSI linked, inventory reductions)
    • Optimize/introduce IT for functions of production and management sites (procurement, manufacturing, logistics)
  • Engineering reforms (Raise product value and achieve competitive advantages in QCD)
    • Make costs and processes for product planning/development through manufacturing visible and seamless
    • Strengthen LSM (raise profitability after commercialization)
    • Achieve zero-defect, ultra-low-cost design and manufacture

Diversifying Production Risk and Producing Core Components In-house

Casio maintains a stable supply of products by having each production site manufacture multiple product items, and by ensuring that two different sites can produce any given Casio product.

The company is also increasing the internal production of components in order to protect newly created technologies and to reduce parts procurement risk.

Production sites for individual products

Figure: Production sites for individual products

Production Sites

Yamagata Casio Co., Ltd.

Yamagata Casio, Casio’s only manufacturing site in Japan, plays a key role as the Casio Group’s “mother plant.” Yamagata Casio is supporting reforms to overseas production sites—seeking to build manufacturing systems not overly affected by labor costs—by sharing technologies from Japan (Yamagata). Yamagata Casio has implemented reforms to quality processes by introducing a completely automated line for watches, automated sensitivity testing, and an automated line for scientific calculators. Meanwhile, it has strengthened its core technologies by refining precision molding and processing technologies. The company aims to create the Casio version of the smart factory, including at overseas plants.

Casio Electronic Technology (Zhongshan) Co., Ltd.

Casio Electronic Technology (Zhongshan) is located in the Huanan region of China. It is one of the central hubs for manufacturing the main Casio products. As labor costs and production costs rise, the company is automating production and reorganizing by adopting technology from Yamagata Casio (the mother plant), striving to cut manufacturing costs. The company is taking steps to become a Casio-style smart factory.