Information Management
The ID Group is committed to the appropriate and responsible handling of personal information and other information assets. To that end we have established a series of regulations, including the Basic Policy on Information Management and Personal Information Protection Rules. We update our internal regulations and operation rules as the EU General Data Protection Regulation (GDPR, applicable as of May 2018) requested.
The Group is also working to strengthen its organizational approach to information management: established an Information Management Committee, which confers across organizational lines on information management generally. The Group devises a wide range of security measures and strives to raise and improve awareness of them on the personnel level, for example, by providing repeated training. Aiming for continuous improvement, the Group obtained P-mark certification in September 2003 and certification under ISO/IEC 27001 (Information Security) for its business-process outsourcing operations in February 2007, and continuously upholds and continues these certifications.
Going forward, the ID Group will continue to support and improve information security, making every effort to provide service that earns customers’ satisfaction. However, in the event that customer or business-related information is lost, tampered with, leaked or otherwise compromised due to unlawful access, major error or other mishaps, such an incident carries the risk of eroding trust in the Group or harming its business results and financial position.
Risk from Software Development and Execution of Infrastructure-building Projects
Software development and infrastructure-building projects are becoming increasingly advanced and complex, even as delivery schedules tighten. While software or a project is under development, requirements can change, or problems such as degraded quality or extension of deadlines can occur, thereby incurring risk. The ID Group is taking a number of steps to minimize these risks. First, the ID Group is introducing a quality management system conforming to ISO 9001. Also, the Project and Systems Division and Quality Management Division carefully scrutinize the quality, cost, and delivery (QCD) status of each project, to prevent unprofitable projects by detecting and forecasting abnormalities and dealing with them in a timely manner.
Even with all of these measures in place, however, roadblocks cannot be prevented completely. Additional costs may be incurred, degrading the profitability of a project, thereby harming the Group’s business results and financial position.
Risk Related to the System Operation Management Business
System operation management carries some risk of the system malfunction, delay in the provision of information, or other problems caused by operational error and the like. To prevent such hindrances, the Group has established a Quality Management Division, which executes actions such as training to prevent failures from happening, analyzing, and giving feedback on the causes of failures. In addition, the Group has acquired certification under ISO 9001 and is constantly working to improve quality. Nonetheless, in the event of a major system malfunction or similar mishap, the Group may be obliged to provide restitution of damages, which may harm the Group’s business results and financial position.
Dependence on Specific Business Partners
The Group’s business with the companies of the Mizuho Financial Group constitutes an especially large component of its net sales. Therefore, fluctuations in the transactions to the ID Group by the Mizuho Financial Group can have a significant impact on the Group’s business results and financial position.
Changes in the Market Environment
The field in which the ID Group operates is characterized by quickly changing customer needs, driven by rapid technological innovation. Backed by knowledge and expertise regarding the operation of customer systems accumulated over many years, the Group strives to provide high-value-added services in line with customer needs, by combining existing service solutions with state-of-the-art technology. Nonetheless, the risk exists that the services the Group provides could become obsolescent, reducing the Group’s competitiveness. Such an occurrence could be deleterious to the Group’s business results and financial position.
Hiring Risk
Supporting the latest IT and improving customer satisfaction requires excellent personnel. Finding, hiring, and retaining such outstanding people is therefore an important issue. The ID Group focuses resources on finding ways to improve its personnel system, securing high-value-added personnel, recruitment, and personnel training, and hiring and training activities. If, despite these best efforts, the Group is unable to attract and train outstanding individuals, or if its needs change as a result of reorganization and it is unable to supplement its workforce with personnel who match its needs, the Group’s business results and financial position may be adversely affected.
Procurement of Needed Personnel Through Partner Companies
In order to obtain personnel who match its project needs in a flexible manner, the Group makes extensive use of personnel procurement through its partner companies. The Group is reinforcing its cooperative relationships with over 150 partner companies while seeking out and developing new partners, in a constant effort to improve its personnel recruitment capabilities. Even so, in cases where the Group is unable to fill its personnel needs, adverse impact on its business results and financial position may occur.
Acquisition Risk
One of the strategies by which the Group expands its operations is mergers and acquisitions (M&A). When acquiring a company or merging it with a Group company, the Group makes every effort to avoid risk in advance by performing due diligence regarding the acquisition target’s financial position and other aspects. Despite such precautions, however, changes in the market environment and unforeseen occurrences can prevent the Group from enjoying the originally anticipated effects of the merger or acquisition. In such cases, the Group’s business results and financial position may be adversely affected.
Natural Disasters, Terrorism, Infectious Disease, etc.
As with any business, the Group’s operations are vulnerable to obstruction from major natural disasters such as earthquakes and flooding, acts of terrorism and other criminal activity, and the spread of infectious disease. The Group has taken a number of measures to minimize the impact from such events, including the formulation of a Business Continuation Plan (BCP), preparation of a Crisis Management Manual, the establishment of back-up centers, the introduction of a safety confirmation system and provision of disaster-preparedness training. Despite all such precautions, however, the harm from natural disasters, terrorism, infectious disease and other threats can never be completely avoided, and may cause even greater damage than anticipated. In such cases, the Group’s business results and financial position may be adversely affected.
Risk Regarding Global Operations
A vital component of the Group’s operating strategy is its advancement of global business, focusing on Asia ex-Japan, notably including China, Singapore and Myanmar; North America; and Europe. In executing this global business, the Group’s business results and financial position are subject to the impact of numerous factors, including global economic and trade trends, laws and regulations governing business, differences in business customs, and political and social change.
