1. Home
  2. Sustainability
  3. Governance
  4. Risk management

Risk management

Table of contents

Takenaka Corporation is working to ensure business continuity by accurately identifying and preventing various risks that may occur in the course of business activities, and by minimizing the impact of such risks when they do occur.

Ⅰ. Risk management system

In preparation against antisocial forces, terrorism, cyberattacks, natural disasters, accidents and other events, all of which pose threats to people's lives and corporate activities, a Corporate Ethics Central Committee, chaired by the president, has been established to oversee overall risk and compliance for the entire company as well as to provide alerts and guidance to the entire group.

We have also set up a Compliance Committee under the Corporate Ethics Central Committee to identify important risks, formulate action policies, check the response status of individual cases, and give instructions for improvement measures. Meanwhile, a Crisis Management Committee was established in an effort to strengthen the management system for major risks that may affect the group's management and to promote crisis management activities during normal times.

Risk management organization

Ⅱ. Business continuity plans (BCPs)

1. Basic policy for BCP formulation

In anticipation of huge earthquakes, wind and floor damage, volcanic eruptions, and other large-scale natural disasters, we have formulated a business continuity plan (BCP) based on the policies below to confirm the safety of our employees and their families, and to check the status of and restore damage at each construction project office and operating site, as well as the situation at buildings that have already been delivered to customers.

  1. 1. Prioritize the safety of employees and their families, and provide prompt support in the event of any disaster.
  2. 2. Make necessary preparations in normal times for business continuity, and work toward resuming important functions as soon as possible while minimizing damage to operations.
  3. 3. When a building we constructed is damaged in a disaster, establish an emergency and recovery system within the target timeframe, and provide prompt support for the customer's business continuity activities.
  4. 4. Respond to social expectations during disasters as the construction industry through cooperation with local communities.

2. Initiatives to strengthen BCPs

Each year, we conduct initial response drills for after a disaster occurs. Done together with employees of group companies, these include disaster simulation drills, practical drills based on local characteristics, and drills to check our companywide coordination system. In light of the recent increases in damage caused by typhoons and heavy rains in various regions, we have also put together a Wind and Flood Damage Countermeasures Manual to prepare for such contingencies. In addition to earthquake, wind and flood damage, should there be a volcanic eruption, especially a massive eruption of Mt. Fuji, the Tokyo metropolitan area is expected to be severely affected by falling ash. As part of our preparations to minimize damage, we have formulated a new Volcanic Eruption Countermeasures Manual, and we are proceeding with measures against ash fall, such as facility maintenance and review of stockpiles.

Tokyo Main Office: Joint countermeasures training meeting
Tokyo Main Office: Joint countermeasures training meeting
Tokyo Main Office: Training to provide covering over necessary equipment (volcanic eruption response)

Ⅲ. Information security initiatives

The following Information Security Policy has been established to protect customer information assets and promote activities in the area of information security.

Information security management organization

1. Information Security Policy

  1. 1. Compliance with laws and regulations
    1. Comply with domestic and foreign information security laws and regulations, and other social norms.
  2. 2. Preparation of regulations
    1. Recognizing that information security is one of the most important issues in our business, maintain rules and regulations for information security management that comply with, and conform to laws, regulations, and other social norms.
  3. 3. Establishment of an information security management system
    1. Establish and steadily implement a companywide system to promote information security management in order to maintain and continuously improve organizational, personal, physical and technical information security.
  4. 4. Utilization and protection of information assets
    1. Take safety measures for information assets in order to effectively utilize them and adequately protect against threats to confidentiality, integrity and availability.
  5. 5. Implementation of information security education
    1. In addition to raising awareness of information security, provide education and training to all users.
  6. 6. Information security incident response
    1. While endeavoring to prevent information security incidents, take prompt action and recurrence prevention measures should one occur.
  7. 7. Providing support and guidance to group companies, global subsidiaries, and partner companies
    1. Promote necessary support and guidance on information security to group companies, global subsidiaries, and partner companies.

Especially in response to the recent DX-driven expansion of cloud computing, IoT, AI, etc., and the growing threat of cyberattacks, the entire Takenaka Group, including overseas subsidiaries, has established systems to prevent ransomware and unauthorized access, detect attacks early, and minimize damage, as well as an information security incident response team called TAKENAKA-SIRT. These measures are based on standard guidelines and frameworks for cybersecurity, such as the Cybersecurity Management Guidelines, which were formulated by the Ministry of Economy, Trade and Industry, and they are promoted in cooperation with industry associations and various external security-related organizations. We are also focusing on educating and raising awareness among subcontractors to strengthen cybersecurity measures in supply chains. In the event of an information security-related risk occurring, we have set up a response system through which risks are assessed and analyzed, classified into levels, and reviewed by the Crisis Management Committee as necessary. We have also established a separate basic policy for the protection of personal information, and we ensure that all executives, employees, and others are fully aware of the policy and endeavor to appropriately to safeguard personal information.

Please check here for our Privacy Policy.

Privacy Policy

Ⅳ. Business risks

Major risks that are recognized as having the potential to significantly impact our group's financial position, operating results, and cash flows are reported under “Business risks” in our annual financial statements.

  1. 1. Changes in business environment
  2. 2. Changes in prices of construction materials, equipment, and labor units
  3. 3. Changes in prices and profitability of asset holdings
  4. 4. Retirement benefit obligations
  5. 5. Credit risks of counterparties
  6. 6. Risks associated with expansion of global operations
  7. 7. Safety and health, quality, and environmental risks
  8. 8. Risks associated with PFI projects
  9. 9. Legal regulations for business
  10. 10. Information security risks
  11. 11. Large-scale natural disaster risks
  12. 12. Climate change risks
  13. 13. COVID infection risks