Investor Relations Operational and Other Risks
The ID Group is committed to obtaining an accurate grasp of the various risks that can have important effects on investors’ judgements and reducing risks that may have an impact on its management. For this purpose, the Group established the Group Risk Management Committee as an advisory body to the Board of Directors. The Committee divided the main risks it anticipates for the ID Group into three categories—management and financial risk; personnel, labor and general social risk; and business-segment risk—and established subcommittees for each. The subcommittees identify specific risks and propose measures to deal with them, and the Group Risk Management Committee deliberates on and examines those proposals.
The following are some of the items related to the Group’s business results, accounts and similar matters that may have an important impact on investors’ judgements. Future-oriented statements in the text below constitutes the judgement of the Group as of the date of submission of the Group’s Annual Securities Report (June 26, 2023) .
1. Changes in the market environment
The ID Group has positioned DX as the pillar of our growth strategy in our Mid-Term Management Plan. As such, the ID Group will work closely with our partner companies to support clients’ DX promotion and develop proprietary solutions in the future growth areas of cloud computing and cybersecurity. In addition, the Group is responding to the changing market environment by developing highly skilled engineers and innovative leaders in DX-related fields in order to provide high value-added services that meet customer needs.
2. Corporate acquisition
One of the Group’s strategies for expanding operations is to do so through mergers and acquisitions. However, changes in the market environment and unexpected events may prevent the Group from implementing these moves or result in effects other than originally anticipated. In such cases, the business results and financial condition of the ID Group may be impacted, for example by the need to appropriate impairment of goodwill or a loss on valuation of shares in affiliated companies.When implementing mergers and acquisitions, the Group strives to prevent these risks through due diligence by specialists such as accountants and lawyers, who examine the financial and tax status of target companies, related legal matters and other aspects. After the merger or acquisition is completed, the Group regularly monitors the management of the acquired company by attending meetings of the Board of Directors, inspecting its accounts and other measures. In these ways the Group strives to obtain a clear understanding of the impact of the merger or acquisition on the business results and financial condition of the ID Group.
3. Global business
Led by the Global Management Department, the ID Group maintains an appropriate understanding of business conditions at each overseas location and changes in the external environment. On individual risk events, the Group Risk Management Committee examines the details, confirms conditions, confirms progress on countermeasures and examines the effects of countermeasures. In these ways the Group makes every effort to reduce risks.
In Myanmar, the Group is moving forward with reducing its operations, due to persistent instability in political conditions in that country. The impact on the Group’s business results is minimal.
4. Recruitment
To respond to these challenges, the ID Group strives to hire people who offer high value-added both in Japan and abroad, whether as fresh graduates or as mid-career hires. After they join the Group, new hires undergo planned rotation and training, to develop and promote them as advanced technology engineers. To respond to customers’ changing needs, the Group is encouraging its personnel to expand their skill sets and exploring new businesses.
5. Information management
The Group has taken other steps to ensure data security as well. The Information Management Committee was established to conduct cross-sectoral deliberations on information management generally and is working to strengthen the Group’s information management framework. Led by the Computer Incident Response Team (CSIRT), a dedicated cybersecurity team, the Group is strengthening various security measures and taking steps for effective response when incidents occur.
Finally, the Group is taking steps to improve employees’ compliance mindset. Employees are provided regular training on cybersecurity measures and education on revisions to Group regulations in response to laws and ordinances. Moreover, the Group has obtained certification under PrivacyMark and ISO27001 and is committed to maintaining and supporting those certifications.
6. Sustainability
To deal with these risks, the Group Risk Management Committee, chaired by the President, Representative Director and Group CEO, identifies, evaluates and manages risk phenomena throughout the Group, including materialities (important issues) identified by the Sustainability Committee, and reports these matters to the Board of Directors.
7. Climate change initiatives
The Group Risk Management Committee, chaired by the President, Representative Director and Group CEO, identifies, evaluates, manages group-wide risks, including those related to climate change, and reports the results to the Board of Directors.
8. Natural disasters, conflicts, terrorism, infectious disease, etc.
To minimize the impact on operations from obstruction of business by unforeseen events such as earthquakes, floods and other natural disasters, as well as terrorism and other crime and the spread of infectious disease, the Group has established a Crisis Management Manual and a Business Continuity Plan (BCP). The Group shifted some head-office functions to the Sanin Business Process Outsourcing Center, to reduce centralization risk, and will continue to promote diversity in workstyles, centering on telework. The Group will continue to strive to secure business continuity by storing food and hygiene products, updating manuals and implementing regular training in the use of its safety confirmation system.
9. Software development and implementation of IT infrastructure projects
To hedge these risks, the ID Group is introducing quality management systems that conform to ISO9001. When an inquiry for a new, large project is received, an order-acceptance review meeting is convened to examine the project based on management judgements of business policy, profitability, staffing, technical competence and opportunities to build technical knowledge. Also, the Quality Management Division analyzes and manages risk across all processes, from the project-proposal and estimate stages to delivery, conducting regular reviews of quality, cost and delivery (QCD) as the project unfolds. In this way abnormalities can be detected at an early stage to prevent the occurrence of unprofitable projects.
To strengthen project management, the Group has established a Global Innovation Center (GIC). Through the GIC, the Group is establishing a framework for unified management of projects, under a project-based organization. This new organization reinforces management of projects awarded in batches while enabling projects to be staffed flexibly and appropriately.
10. Execution of system operation management
The ID Group is making a number of moves to prevent such system failures. For example, the Group thoroughly implements a system for double-checking of high-impact projects and uses a suite of tools to enhance automation. The Quality Management Division plans and executes a variety of measures, including training to prevent failures, analyzing and giving feedback on the causes of failures, and on-site inspections. Moreover, the Group has obtained certification under ISO9001 and is continuously improving quality. As of this writing, no major system failures have occurred.
DX is advancing in the field of system operation management, which is the Group’s core business. As DX progresses, companies are slashing maintenance costs in existing systems, advancing automation and moving to use of the public cloud, while major customers of the ID Group are shifting to next-generation systems and centralizing operations. Given the enormity of the transformation now under way, if the Group were to confine itself to simple, conventional operations, it would risk a major downsizing of its business.
The ID Group is implementing a number of DX strategies, such as automation of operations that enhance value-added in work vital for the future viability of its system-operation business. The Group is also advancing changes in employees’ skill sets.
To respond flexibly to clients’ needs in shifting resources to the cloud, the ID Group is moving forward with smart-operation services featuring multi-cloud support. This service is provided through the ID Cloud Managed Center, established in Yonago, Tottori Prefecture.
11. Recruiting from partner companies
To minimize this risk, the Group shares information closely with partner companies. On a regular basis, the Group conducts partner meetings and seminars, sharing information about business policies, individual projects and case studies of trouble encountered. With its core partners, the Group is further strengthening cooperative relationships, forming cooperative frameworks to improve its ability to win batch project orders and enhance quality management. In these ways, the Group is working to improve quality as well as its ability to assign capable people.
In addition, the Group is striving to secure high-value engineering personnel conversant in DX-related technologies, for which demand is steadily increasing. The Group is pursuing this goal by disclosing information on topics such as Group measures to attract such personnel and its personnel training policy and supporting training in these technologies for Group employees as well as for engineers at partner companies.