We have formulated risk management rules, and the Risk and Compliance Committee, chaired by the director in charge of risk management, manages risks for the entire group and strengthens the risk management structure. The Risk and Compliance Committee considers the establishment of a management system related to possible risks and the response to risks that have occurred, with the aim of facilitating the smooth operation of our group. The Risk and Compliance Committee also conducts a review of the progress of risk management, and the results of this review are reported to the Board of Directors.
To ensure the reliability of financial reporting, J-SOX Committee annually evaluates whether the internal control system is functioning effectively in compliance with the internal control reporting system (J-SOX) stipulated in the Financial Instruments and Exchange Act.
Information System Committee
With cyber-attacks becoming increasingly sophisticated and complex, we recognize that properly managing and operating customers' information assets and our management and technical information is an important corporate responsibility. To introduce, manage, and operate a secure and stable information system, we have established the Information System Committee to deliberate on the planning, construction, operation, and maintenance of information systems. In addition, this Committee formulates our information security policy, prepares plans for implementing information security management, and manages information security in accordance with those plans. We are strengthening our ongoing efforts in information security, including measures to prevent information leaks and to respond to cyber-attacks.
Information security training
To maintain and improve information security, we provide information security education for all employees in the form of e-learning once a quarter. We also improve the ability of our employees to respond to attack-type emails by sending them training emails simulating targeted attacks.
In the fiscal year ending September 2021, we conducted e-learning-based information security training for all employees, with a 100% participation rate. We will continue to work toward our goal of achieving a 100% participation rate every year with the aim of instilling an understanding of our information management rules and information security among all employees.