Casio is making efforts to ensure management stability and safety by responding appropriately to the various risks surrounding the company. These efforts are carried out under the leadership of the officer responsible for risk management in line with Casio’s basic policy to “forecast risk and seek to ensure business continuity and improve corporate value through prevention measures that minimize losses brought by risk and through effective ex-post measures when a loss occurs.”
Risk Management System
- Casio has established an appropriate risk management system under which relevant departments proactively carry out risk management activities based on Risk Management Rules under the administration of the CSR Committee.
- In order to respond to unforeseen circumstances as a corporate organization, Casio has issued and operates a Crisis Management Manual with the main aims of ensuring the safety of officers, employees, and their families and safeguarding corporate assets.
- Based on Fundamental Policies on Product Safety, Casio has established, carries out, and continually improves independent action plans related to product safety, with each business division undertaking quality assurance activities such as visualization of quality, sharing of quality information, and deciding on quality policies and measures.
- Casio has established a secretariat, which is responsible for overall implementation as well as progress management and assessment, and an auditing department, which audits the appropriateness of risk management activities.
Creating a Future System
IIn addition to the above risk management system that has been in operation for a long time, Casio newly established the Corporate Governance Division (currently the Corporate Governance Group in the General Affairs Department) in a company-wide reorganization in June 2018, which will oversee and drive the establishment of the following three systems:
- Basic system
The education, training, and various manuals that are the foundation of company-wide risk management will be redeveloped in an effort to prevent the occurrence of loss and to minimize effects on the company’s business in the event a loss does occur.
- Communication system
Structures for ensuring business continuity and meeting stakeholder requests will be put in place by smoothly and quickly assessing the situation and enabling prompt communication of information to management and relevant departments.
- Countermeasures implementation system
Stable business continuity will be ensured by envisioning and establishing a watertight system for making an effective initial response in the event of a loss occurring and for implementing appropriate decision-making.
Business Continuity Plan (BCP) Initiatives
In order to respond to emergencies with the resources of the company organization, Casio has created a Crisis Management Manual for securing the safety of all employees, executives, and their families, preserving corporate assets. Sequential updates of the manual keep pace with changes in the business environment, and the company is taking practical initiatives at the same time. Specifically, the following measures have already been undertaken:
- Implementation of regular evacuation drills and general lifesaving classes for employees
- Distribution of emergency assistance kits to employees and additional disaster stockpiling
- Disaster prevention drill with the local community and provision of an open area for a temporary evacuation site
However, in the Great East Japan Earthquake, which struck in March 2011, circumstances were encountered that far exceeded previous expectations. Casio used the lessons learned to identify various points for improvement. These points were reflected in a largely-revised Crisis Management Manual based on the premise of responding to a major earthquake with Tokyo at its epicenter. Casio also produced the Disaster Handbook for the families of its employees to deepen understanding of disaster countermeasures in the home and promote disaster readiness.
Together with the initiatives above, Casio is working to enhance its business continuity plan (BCP). In the event of an emergency that interrupts business operations, such as a major earthquake with an epicenter in the Tokyo area, the plan outlines measures for the rapid confirmation of executive and employee whereabouts and well-being, as well as damage conditions, and the quick recovery and maintenance of operations. This mechanism is focused on Casio’s global supply chain. For example, if the headquarters suffers a disaster, an emergency headquarters is set up at the appropriate key site, based on a priority determined in advance. Under the direction of the headquarters, the aim is to minimize damage by continuing to provide products and services to customers worldwide based on limited resources. Through rapid restoration of business operation, the confidence of business partners and customers is maintained.
Information System Disaster Response Measures
To ensure business continuity, it is vital to protect information systems against earthquakes and other disasters. In addition to an internal data center, Casio utilizes a secure external data center that features seismic construction and self-contained power generation.
As a measure to reduce disaster risk, Casio finished moving all its important servers, including those for mission-critical tasks, to external data centers and established an environment that can continue to operate even after a disaster. It also moved its e-mail system, an important means of communication, to an external provider.
The company also performs disaster drills in conjunction with the group-wide business continuity plan.
Casio strives to appropriately manage and handle all of its information assets, including information that it collects from customers and suppliers.
Casio has established Information Security Rules and implemented regular education for employees to continuously raise awareness of information security and ensure the implementation of safety measures.
Additionally, Casio follows the EU’s General Data Protection Regulation (GDPR) regarding the handling of personal information of European users.
Education and Awareness Raising
Information security cannot rely only on technical measures; it is also important for everyone handling information to know the required safety procedures, and to incorporate them into their work habits. At Casio, all officers and employees receive regular information security training through e-learning. The training covers general information security, as well as protection of personal information and other compliance matters, based on changes in society and in the company's business environment. Information security is being improved by providing this training content in a timely manner.
In addition, an information security handbook summarizing basic matters in clear, concise content for users has been issued to raise awareness throughout the Casio Group. The handbook has been translated and is used for training and awareness building by companies outside Japan.
Initiatives to Prevent Information Leakage
As an initiative to prevent information leakage, Casio ensures, as an organizational measure, that all employees handling information understand and follow necessary safety procedures. Casio has established internal rules regarding such matters as limitations on taking information or information devices off company premises and on sending emails externally, as well as proper information disposal. Training is provided on these rules in an effort to raise awareness and strengthen measures to prevent information leakage.
As a technical safety measure, Casio is strengthening its ability to monitor unauthorized access to its websites and suspicious transmissions on its internal network, in order to upgrade its preparedness against the recently growing threat of targeted attacks and other external attacks such as those from malware.
Internal measures include the installation of security software and patches on company PCs, and a multi-layered defense has been created.
Information Security Certification and Initiatives
In December 2005, Casio Computer Co., Ltd. obtained Privacy Mark*1 certification and has maintained it since.
Casio's Information Systems Department obtained information security management system (ISO 27001)*2 certification in November 2007. The aim of applying for certification was to evaluate fulfillment of responsibility by the department, which takes care of information assets for the entire company. Since then, the department has made continual improvements using PDCA cycles. The PDCA cycle is used to make ongoing improvements, and since the certification renewal audit in January 2017, the applicable scope has covered all group companies’ IT systems, and certifications continue to be renewed.
Scope of application/operations for ISO27001 certification:
Information Technology & Engineering Department Casio Computer Co., Ltd.
Planning, development, maintenance and operation of internal information systems supporting the manufacture, sale and service operations for electronic devices at Casio Computer Co., Ltd. and each group company, and the development, maintenance and operation of network infrastructure for the Casio Group
- *1Privacy Mark: A program where the Japan Information Processing Development Corporation, a public-service foundation, evaluates the adequacy of corporate protective measures related to the handling of personal data. Companies that are found to have adequate protective measures in place are certified and permitted to display the Privacy Mark.
- *2A program whereby a company establishes a system for using, maintaining, and protecting information within the applicable scope (e.g., business, locations) based on international standards for information security management systems, and a certification body conducts audits of the system and issues certifications.
Stable Supply of Products
Approach to Stable Product Supply
Delivering a stable supply of products to consumers is one of the most important responsibilities of a manufacturer, and is required to ensure customer satisfaction and loyalty.
As part of Casio's mission to provide delight, happiness, and pleasure to customers through its innovative products, the company is promoting the following policies.
Policies on Stable Product Supply
- We strive to shorten production lead-time and improve planning and execution accuracy by using IT to optimize the supply chain (procurement-production-logistics-sales-service).
- We build good relationships with component suppliers to ensure stable procurement.
- We improve the efficiency of manufacturing and ensure stability by:
- Improving manufacturing at the mother plant; and
- Promoting manufacturing reforms (automation).
Supply Network Is Highly Responsive to Changes in Demand
Casio uses supply chain management (SCM) at production sites in response to changes in market conditions and demand for high-mix/low-volume product offerings, seeking to speed up the planning cycle and provide a stable supply of salable products.
Specific initiatives include efforts to standardize work processes such as parts delivery controls, materials warehouse management, and manufacturing process management. Casio aims to achieve integrated manufacturing (total optimization) by using the same systems and same methods at different production sites. These initiatives are necessary to increase shipment precision, shorten production lead times, and shrink unused assets, and are already becoming mission-critical systems. The timepiece business in particular, which conducts production at multiple sites, in Yamagata (Japan), China, and Thailand, must respond rapidly to the changing environment in each region. Smooth operation of SCM enables the deployment of standardized IT tools and production equipment as well as the appropriate distribution of supply capacity.
Casio will move to multisite production in other product categories in the future and build an even more sophisticated SCM system.
Diversifying Production Risk and Producing Core Components In-house
Casio maintains a stable supply of products by having each production site manufacture multiple product items, and by ensuring that two different sites can produce any given Casio product.
The company is also increasing the internal production of components in order to protect newly created technologies and to reduce parts procurement risk.
Production sites for individual products
Yamagata Casio Co., Ltd.
Yamagata Casio, Casio’s only manufacturing site in Japan, plays a key role as the Casio Group’s “mother plant.” Aiming for reforms to overseas production (by establishing manufacturing that is not overly affected by labor costs) through technical expansion from Japan (Yamagata), Yamagata Casio has a completely automated line for watches, and has automated sensitivity testing and introduced high-precision molding as well as strengthened its core technology by refining its processing technology and quality process. The company aims to create the Casio version of the smart factory, including at overseas plants.
Casio Electronic Technology (Zhongshan) Co., Ltd.
Casio Electronic Technology (Zhongshan) is located in the Huanan region of China. It is one of the central hubs for manufacturing the main Casio products. As labor costs and production costs rise, the company is automating production and reorganizing by adopting technology from Yamagata Casio (the mother plant), striving to cut manufacturing costs. The company is taking steps to become a Casio-style smart factory.