Basic Approach

At NICHINO Group, we regard risk management as a crucial management function, prioritizing the prevention of potential risks inherent in our business operations and the minimization of losses resulting from risk realization. The comprehensive risk management policy and framework are governed by the Risk Management Regulations, with the Risk Management Committee serving as the principal body responsible for identifying, evaluating, and implementing risk mitigation measures.

Risk Management Initiative

In FY2024, we enhanced risk management through the following initiatives.
Workplace Risk Management Meeting (RMM): Held twice a year to enhance on-site risk awareness by disseminating information and facilitating discussions on management and departmental risks.

Group Compliance and Risk Management Council: Facilitates collaboration with domestic and overseas Group companies to promote sharing of legal compliance matters and compliance-related issues.

Reclassification of risks: Conducted a reclassification based on the characteristics of each business, categorizing risks into “management risks” and “ departmental risks ” to enhance systematic management.

Audits and guidance at overseas sites: Strengthened risk responses related to global expansion through the auditing of Nichino India Pvt. Ltd. (NIN), enhancements to production environment controls, and improvements in U.S. offshore inventory management.

Information Security

NICHINO Group positions the protection of information assets as a critical management priority, and we promote the strengthening of information security based on a group-wide standard model.

The introduction of a zero-trust security model is a pillar in the medium-term management plan, and we have already deployed SASE (Secure Access Service Edge), which controls internal and external access, at domestic Group companies. Additionally, at Nihon Nohyaku on a standalone basis, we have started utilizing XDR (Extended Detection and Response) for advanced threat detection and SOC (Security Operation Center) for monitoring, and are currently considering expanding these systems to domestic Group companies.

In recent years, as cyberattacks have become increasingly sophisticated and complex, there is a growing need to strengthen response capabilities across the entire Group. In FY2024, Nichino Ryokka experienced a ransomware attack. This incident served as a catalyst for reaffirming the importance of security measures, prompting a review of the incident response framework and accelerating efforts to standardize technical measures aimed at early detection and containment.

For overseas consolidated Group companies, we are conducting a survey during FY2025 to assess the current status of IT and security systems. We are also acvancing the development of the NICHINO Group Information Security Regulations, which will apply across the entire Group including domestic and overseas entities. Through these regulations, we aim to strengthen security governance group-wide by protecting information assets, responding to cyberattacks, and standardizing incident reporting and response procedures.

In addition, we continuously conduct awareness activities through case study videos and informational emails to embed security consciousness. By fostering an environment where each employee understands the risks around them and can appropriately respond in daily operations, we will continue to strengthen and embed our information security framework from both technological and human perspectives.

Enhancing the Business Continuity Plan (BCP)

We have established the NICHINO Group Emergency Response Regulations and guidelines for large-scale disaster countermeasures to prepare for emergencies such as a major earthquake in the Tokyo metropolitan area or infectious disease outbreaks. In FY2024, we undertook the following initiatives.

• Conducted fire drills and video-based training at the head office 
• Streamlined management of emergency stockpiles (transitioning from individual control to a method recommended by authorities) 
• Continued flexible workstyles combining office attendance and working from home