Investor Relations Operational and Other Risks
The ID Group is committed to obtaining an accurate grasp of the various risks that can have important effects on investors’ judgements and reducing risks that may have an impact on its management. For this purpose, the Group established the Group Risk Management Committee as an advisory body to the Board of Directors. The Committee divided the main risks it anticipates for the ID Group into three categories—management and financial risk; personnel, labor and general social risk; and business-segment risk—and established subcommittees for each. The subcommittees identify specific risks and propose measures to deal with them, and the Group Risk Management Committee deliberates on and examines those proposals.
The following are some of the items related to the Group’s business results, accounts and similar matters that may have an important impact on investors’ judgements. Future-oriented statements in the text below constitutes the judgement of the Group as of the date of submission of the Group’s Annual Securities Report (June 24, 2024) .
1. Changes in the market environment
The ID Group has positioned DX as the pillar of our growth strategy in our Mid-Term Management Plan. As such, the ID Group will work closely with our partner companies to support clients’ DX promotion and develop proprietary solutions in the future growth areas of cloud computing and cybersecurity. In addition, the Group is responding to the changing market environment by developing highly skilled engineers and innovative leaders in DX-related fields in order to provide high value-added services that meet customer needs.
2. Corporate acquisition
One of the Group’s strategies for expanding operations is to do so through mergers and acquisitions. However, changes in the market environment and unexpected events may prevent the Group from implementing these moves or result in effects other than originally anticipated. In such cases, the business results and financial condition of the ID Group may be impacted, for example by the need to appropriate impairment of goodwill or a loss on valuation of shares in affiliated companies.When implementing mergers and acquisitions, the Group strives to prevent these risks through due diligence by specialists such as accountants and lawyers, who examine the financial and tax status of target companies, related legal matters and other aspects. After the merger or acquisition is completed, the Group regularly monitors the management of the acquired company by attending meetings of the Board of Directors, inspecting its accounts and other measures. In these ways the Group strives to obtain a clear understanding of the impact of the merger or acquisition on the business results and financial condition of the ID Group.
3. Global business
Led by the Global Management Department, the ID Group maintains an appropriate understanding of business conditions at each overseas location and changes in the external environment. On individual risk events, the Group Risk Management Committee examines the details, confirms conditions, confirms progress on countermeasures and examines the effects of countermeasures. In these ways the Group makes every effort to reduce risks.
As of March 31, 2023, the Group has terminated operations in Myanmar due to lingering political instability in that country. The impact of this decision on Group business results is negligible.
4. Securing personnel
The Group strives to recruit and retain high-value-added personnel, both in Japan and overseas, including both fresh graduates and mid-career hires. After hiring, recruits follow a planned program of rotation and training, to cultivate and advance them as high-quality engineers. To respond to changing customer needs, the Group encourages employees to update and expand their skill sets and ventures into new business areas.
5. Information management
The Group has taken other steps to ensure data security as well. The Information Management Committee was established to conduct cross-sectoral deliberations on information management generally and is working to strengthen the Group’s information management framework. Led by the Computer Incident Response Team (CSIRT), a dedicated cybersecurity team, the Group is strengthening various security measures and taking steps for effective response when incidents occur.
Finally, the Group is taking steps to improve employees’ compliance mindset. Employees are provided regular training on cybersecurity measures and education on revisions to Group regulations in response to laws and ordinances. Moreover, the Group has obtained certification under PrivacyMark and ISO27002 and is committed to maintaining and supporting those certifications.
6. Sustainability
The Group Risk Management Committee, chaired by the President and Representative Director, identifies, assesses and manages Group-wide risks, including those involving important issues (“materialities”) listed by the Sustainability Committee. The Group Risk Management Committee reports these findings to the Board of Directors.
The Group Risk Management Committee divides foreseeable risks into three categories: management and financial risks; personnel, labor and overall social risks; and business-division risks. For each risk category, the Group Risk Management Committee establishes an examining subcommittee, which brings risks to light and proposes measures to deal with them. Based on the work of the examining subcommittees, the Group Risk Management Committee deliberates on the revealed risks, verifies them and conducts an annual review of risks.
If a risk event occurs, the Group Risk Management Committee establishes an Emergency Measures Division, in accordance with the ID Group Emergency Response Regulations, to take prompt and appropriate responsive action.
7. Climate change initiatives
The Group Risk Management Committee, chaired by the President, Representative Director and Group CEO, identifies, evaluates, manages group-wide risks, including those related to climate change, and reports the results to the Board of Directors.
8. Natural disasters, conflict, terrorism and pandemic-level infectious diseases
Such irregular events can obstruct the execution of Group operations. To minimize their impact, the Group has prepared a Crisis Management Manual and Business Continuity Plan (BCP). The Group has also taken a range of other preventive actions. Some head-office functions have been shifted to Sanin Business Process Outsourcing Center, mitigating risk from centralization, and the Group continues to advance diversification of work styles, including promotion of remote work. The Group will continue to strive to ensure business continuity, by accumulating stores of food and medical goods, revising manuals and conducting regular drills on the use of safety confirmation systems.
9. Software development and implementation of IT infrastructure projects
To hedge these risks, the ID Group is introducing quality management systems that conform to ISO9001. When an inquiry for a new, large project is received, an order-acceptance review meeting is convened to examine the project based on management judgements of business policy, profitability, staffing, technical competence and opportunities to build technical knowledge. Also, the Quality Management Division analyzes and manages risk across all processes, from the project-proposal and estimate stages to delivery, conducting regular reviews of quality, cost and delivery (QCD) as the project unfolds. In this way abnormalities can be detected at an early stage to prevent the occurrence of unprofitable projects.
To strengthen project management, the Group has established a Global Innovation Center (GIC). Through the GIC, the Group is establishing a framework for unified management of projects, under a project-based organization. This new organization reinforces management of projects awarded in batches while enabling projects to be staffed flexibly and appropriately.
10. System management
The ID Group is making a number of moves to prevent such system failures. For example, the Group thoroughly implements a system for double-checking of high-impact projects and uses a suite of tools to enhance automation. The Quality Management Division plans and executes a variety of measures, including training to prevent failures, analyzing and giving feedback on the causes of failures, and on-site inspections. Moreover, the Group has obtained certification under ISO9001 and is continuously improving quality. As of this writing, no major system failures have occurred.
DX is advancing in the field of system management, which is the Group’s core business. As DX progresses, companies are slashing maintenance costs in existing systems, advancing automation and moving to use of the public cloud, while major customers of the ID Group are shifting to next-generation systems and centralizing operations. Given the enormity of the transformation now under way, if the Group were to confine itself to simple, conventional operations, it would risk a major downsizing of its business.
The ID Group is implementing a number of DX strategies, such as automation of operations that enhance value-added in work vital for the future viability of its system management business. The Group is also advancing changes in employees’ skill sets.
In addition, the Group is continuing to advance smart operation services. These include automation through AI; improvement of efficiency through support for remote operation; operation of low-cost, high-quality SaaS systems; and sales of ID-VROP, a virtual system operation center accessible through a metaverse.
11. Recruiting from partner companies
To minimize this risk, the Group shares information closely with partner companies. On a regular basis, the Group conducts partner meetings and seminars, sharing information about business policies, individual projects and case studies of trouble encountered. With its core partners, the Group is further strengthening cooperative relationships, forming cooperative frameworks to improve its ability to win batch project orders and enhance quality management. In these ways, the Group is working to improve quality as well as its ability to assign capable people.
In addition, the Group is striving to secure high-value engineering personnel conversant in DX-related technologies, for which demand is steadily increasing. The Group is pursuing this goal by disclosing information on topics such as Group measures to attract such personnel and its personnel training policy and supporting training in these technologies for Group employees as well as for engineers at partner companies.