Risk Management

  1. Basic Policy
  2. Promotion System
  3. Risk Management Initiatives

The Yamaha Group implements risk management based on the following policy.

  1. We shall establish a structure and framework for risk management and work to enhance responsiveness to risk and maximize corporate value.
  2. We shall identify, evaluate and reduce risk through risk management activities during ordinary times, conduct awareness-raising activities such as education and training, and instill a greater awareness of, fostering a greater sensitivity to risk.
  3. We shall prioritize people's safety when risks manifest themselves as crises, and coordinate with the local community to ensure sincere, appropriate and speedy response as a means to minimize all adverse impact. In addition, we shall strive to ensure the stable supply of products and services, continue business to the extent possible and contribute to the sustainable development of society.
  4. After addressing risks, we shall analyze the reasons they occurred and how they were addressed in order to ensure they do not occur again.

Classification of Risk and Definition of Risk Management

The Yamaha Group classifies the various types of risks related to its business in the following manner and is working on measures to counter each type.

External Management Environment Risk
External risk that is difficult for a company to predict
Business Process Risk
Risk in which the impact can be reduced through internal control and factor analysis, etc.
Business Strategy Risk
Risk associated with business strategy and management judgment
The Yamaha Group broadly defines "risk management" as general activities implemented to properly control the various types of risk that occur in conducting business. In addition, risk management is divided into measures and response at ordinary times and during an emergency in the following manner.
At ordinary times
Risk management (Narrow definition)
Yamaha implements measures to prevent the incidence of risk at ordinary times based on a narrow definition of risk in which risk can potentially manifest in any situation.
During an emergency
Crisis response* In case a crisis occurs, Yamaha will react quickly and accurately to minimize the impact and ensure immediate recovery based on a definition of crisis as an emergency situation in which risk has already manifested.
  • * Although all risk may be subject to crisis response, this type of response is reserved for the types of risk that may have a particularly significant impact on management.

Definition of Risk Management

[ image ] Definition of Risk Management

FY 2017 Initiatives

In fiscal 2017, we implemented a review of our risk management capabilities. We re-organized risk categories, definitions, and scenarios to ensure complete coverage, and set the plan-do-check-act (PDCA) cycle of the activities based on a risk map. Moving forward, we will put the PDCA cycle on track, as well as systematize and enhance risk management activities.

Yamaha Corporation established a Risk Management Committee as an advisory body to the President and Representative Executive Officer. This committee deliberates on matters related to risk management from a company-wide standpoint and reports its findings to the President and Representative Executive Officer. Within this committee we also established the following working groups such as the working groups for the business continuity plan (BCP) and disaster countermeasures, internal control, compliance, export screening, and information security have been established to address companywide important issues.

Risk Management System

[ image ] Risk Management System

Business Continuity Management (BCM)

In preparation for large-scale natural disasters, fires, infectious disease outbreaks, and other emergency situations, the Yamaha Group has made a number of business continuity management efforts, including the formulation of a BCP.

Main Efforts
Topic FY 2017 Achievements
System development The production, purchasing, and sales departments all began participating in the BCP/Disaster Countermeasures Working Group
Formulation of a basic policy and rules Formulated Infectious Disease Countermeasures following on the formulation of the BCP guideline as well as BCP/Disaster Basic Countermeasures, Earthquake Countermeasures, and Fire Countermeasures and Storm and Flood Damage Countermeasures
Drafting of a BCP and conducting training (1) As part of BCP revisions, established target times for carrying out business recovery policies in a short timeframe
(2) In order to ensure the effectiveness of current response measures and improved BCP effectiveness, conducted Disaster Task Force training ("blind scenario" training) that puts participants in a situation where business is stopped immediately after a disaster occurs. Made improvements to the BCP based on training results
Develop infrastructure (1) Implemented a 3-year earthquake resistance plan based on building earthquake proofing standards established in FY 2016
(2) Formulated the Yamaha Equipment Earthquake Resistance Standards
(3) Implemented an employee safety check system
[ image ] Disaster Management Headquarters Training
Disaster Management Headquarters Training
[ image ] Improving earthquake resistance at a Nagoya business site
Improving earthquake resistance at a Nagoya business site

Safety Management at Overseas Production Sites

In the Yamaha Group, health and safety managers from Yamaha conduct patrols while facility control managers conduct facility audits at overseas production facilities. Focused on production and other equipment, these efforts are aimed at preventing accidents and disasters while improving health and safety levels. With respect to occupational health, the Group conducts risk assessments and otherwise improves safety levels while at the same time having health and industrial physicians from Japan to provide education and guidance on improving the workplace environment, which includes making improvements to personal protection equipment.

[ image ] Industrial physician advising on the proper way to wear protective equipment
Industrial physician advising on the proper way to wear protective equipment
[ image ] Facility audit in Indonesia
Facility audit in Indonesia

Export Control

The Yamaha Group has established provisions for national security-related trade control in its Compliance Code of Conduct as rules pertaining to international trading.

A Working Group for Export Screening has been established under the Risk Management Committee at Yamaha Corporation, formulating export control regulations and regulations for import and export procedures among others, and establishing a work process related to export control. Yamaha is also working to educate its employees on and improve their awareness of the importance of export control in the company by conducting export control seminars led by industry experts.

Environmental Risk Management

In order to prevent environmental contamination, the Yamaha Group carries out a range of activities that include regularly monitoring its plants, conducting environmental audits, and providing emergency response training.

Information Security

The leakage of personal information and other important information held by a company has the potential to not only damage third parties but also become a case of gross negligence that can harm the company's reputation.
The Yamaha Group perceives information security as a critical aspect of risk management. Accordingly, we established the Information Security Working Group under the Risk Management Committee in 2014. The subcommittee has put together a policy on information management and is working to enhance the quality of this management by keeping track of the current management system while identifying vulnerabilities and guiding efforts to address them. In addition to having established rules for the usage and management of the information system as part of the Compliance Code of Conduct, the subcommittee is working hard to ensure employees understand the importance of preventing inadvertent data leaks and protecting against hacking by third parties.