To ensure sustainability and reliability of our corporate activities, Alpine analyzes a wide range of possible risk factors. The risks are categorized into “Disaster risk”, “Infection risk”, “Business risk” and “Information risk”, each backed by advance crisis countermeasure actions, and in case of emergencies minimize the damages incurred.
Risk Management Approach
The Alps and Alpine Groups recognize as key risk management themes the prevention of risks that have a potentially large impact on business, and appropriate action and quick recovery when they do occur. Initiatives are advanced under the policy shown on the right.
Risk Management Policy
- We will place top priority on ensuring the safety of employees, all people on company premises (including visitors, related company employees, on-site subcontractors and temp staff) and families of employees.
- We will continue business activities as long as we can, and do everything we can to maintain the supply of products and the provision of services to customers.
- We will endeavor to preserve both tangible and intangible company assets and make efforts to minimize damage using the most suitable methods.
- We will demonstrate responsible conduct, take quick and appropriate action, and strive to restore operations when risks do eventuate in order to earn the trust of customers, shareholders and all other stakeholders.
Business Continuity Management
We have established a business continuity plan (BCP) that keeps pace with environmental changes in order to ensure the safety of our employees and their families, and minimize the impact on our customers in the event of an emergency situation. The plan is always subject to review. We have strengthened collaboration with group companies and enhanced our business continuity plan. We also have established a disaster action system to handle the initial response to customers and media by the Alpine Disaster Action Headquarters.
Safety Confirmation System Development
Alpine adopted an Internet-based comprehensive safety confirmation system after the Great East Japan Earthquake in 2011, and carried out periodical drills for preparation.
Alpine Fire Brigade
Iwaki Headquarters set up the Alpine Fire Brigade as a fire defense organization for self-protection according to the requirement for large-scale properties under the Fire Service Act. The Fire Brigade is made up of employees and conducts periodical training (fire drills, use of fire extinguishers and AED, etc.) twice monthly to prepare for initial firefighting operations, emergency evacuation and aid in time of disaster.
Information Security Policy
The Alpine Group fully utilizes information it has created and obtained through its business activities to provide high added-value products and services.
We consider such information to be important property, and recognize the great social responsibility placed on us to care for it properly. We exercise due care in the handling of such information, and continue working on information security as an important business tasks.
Approaches to Information Management
Since 2015 we have strengthened and promoted the quality of controls and have continued our efforts to accelerate these operations. As part of these efforts, in fiscal year 2017, we planned to reform our in-house document management system to improve its convenience and safety, and prepared an IT environment that would lead to the strengthening of the Business Continuity Plan; starting in fiscal year 2018, we have been implementing them, step by step.
EU GDPR Compliance
The European Union’s General Data Protection Regulation (EU GDPR) came into force in May 2018. In response to this, Alpine has established a new management structure with respect to the handling of personal information in Europe. We have set up group global guidelines to protect privacy and to strengthen cybersecurity.
Incidents Related to Information Security Management
We count violations of internal rules due to carelessness or other reasons as security incidents. In fiscal year 2017 we experienced seven such incidents. Fortunately, however, none of these security incidents had an adverse impact on our customers or trading partners.
Incidents related to information security management
Information Security Education
Alpine institutes a wide range of educational programs suitable for each employee layer to enhance information security knowledge and raise awareness.
Programs implemented in fiscal year 2017
- Information security training program for new employees (group-type)
- Information security training program for regular employees (e-learning)
- Information security program for new managers (group-type)
- Security training programs according to different work needs (group-type)