SUSTAINABILITY

Risk Management

Governance
5

Risk Management Principles

At the KYB Group, the Risk Management Committee reports to the Board of Directors, and based on the Risk Management Rules, it identifies material risks the Group must address and the business units responsible for managing them, conducts risk management initiatives at each responsible business unit, and presents regularly updates to the Board of Directors and the Board of Executive Officers.

Responding to Business Continuity

Group-wide disaster response including subsidiaries

At KYB, protecting human life is our highest priority in the event of a major disaster. By ensuring that employees and stakeholders understand and follow disaster-response protocols, we aim to enable swift initial actions, minimize damage, support customers, suppliers, and local communities, and resume operations as early as possible. Accordingly, we continue to strengthen our business continuity initiatives. In recent years, disaster risks have increased due not only to major earthquakes but also to climate-related events. To prepare for earthquakes, we conduct annual group drills at eight domestic plants and three subsidiaries, simulating realistic scenarios and reinforcing initial-response capabilities. We also implement preventive measures such as securing equipment and strengthening coordination across departments. From the supply chain perspective, we work with business partners to enhance damage mitigation, inventory management, and alternative sourcing to support early production recovery. In addition, to address flood risks from heavy rainfall, we assess local hazard maps, historical rainfall, and future projections, and are advancing Group-wide initiatives to strengthen flood countermeasures and resilience.

Information Security

To strengthen information security, the KYB Group has established an Information Security Basic Policy and appointed Information Security Supervisory Officers at each plant and office. As cyber risks continue to escalate--including ransomware, geopolitical cyber threats, and emerging attacks leveraging generative AI--we are reinforcing Group-wide controls and promoting initiatives led by KYB-CSIRT to ensure swift response and continuous risk reduction. We conduct cybersecurity e-learning, targeted email attack drills, and incident simulation training to enhance employee awareness. At the same time, we are strengthening security governance across consolidated subsidiaries and using cloud-based third-party risk assessment services for continuous monitoring and improvement. We also promote cybersecurity measures aligned with automotive industry guidelines and support suppliers in enhancing supply-chain security. In addition, to enhance IT resilience, we are advancing cloud migration in coordination with company-wide BCP initiatives, balancing business continuity requirements with appropriate IT investment.

Main Initiatives for FY2024

  • Conducted continuous education and training for all executives and employees
  • Conducted self-assessment in accordance with the standard automobile industry security guideline
  • Strengthening cyberattack countermeasures in the supply chain
  • Hired third-party security evaluation organization to conduct vulnerability assessments
  • Conducted cyber BCP drill
  • Preparation and maintenance of response manuals for cyber incidents