Under the supervision of the President and Representative Director, based on the analysis and assessment of “business risk and fraud risk in the operational areas for which they are responsible,” Executives Officers in charge establish rules and manuals. Rules and manuals include the daily risk monitoring system and stipulate preventive measures, prompt and appropriate communication and emergency preparedness when incidents occur, all of which are based on risk analysis and assessment. Established rules and manuals are revised as conditions change.
Based on the “Meaning of the Risk Control and Risk Control Basic Policy for SECOM and SECOM Group,” SECOM Group companies develop risk control systems. Furthermore, upon the occurrence of important events, SECOM Group companies will take appropriate measures under SECOM’s control.
Goals and results
In addition to thorough risk management in day-to-day business activities, we strive to strengthen the risk management system throughout the entire SECOM Group by organizing a risk management system.
IT systemization is essential in order to provide a higher level of security services more effectively to our customers. If information is leaked for some reason, the safety of customers will be severely impacted. Furthermore, if the information is not accurate and cannot be accessed in a timely manner by SECOM staff in the event of an emergency, it will not be possible to provide security services. This means that security operations can only be executed by ensuring the confidentiality, integrity, and availability which are the concept of information security management. Stated differently, information security is the essence of SECOM’s business and SECOM’s business is only possible through information security. Accordingly, SECOM prioritizes compliance and information security as elements forming our management core, and we construct and operate robust information security systems.
Specifically, SECOM has established Executive Officers and departments specializing in the supervision of information security at group companies. Through these measures, we strive to ensure information security throughout the entire SECOM Group.
In fiscal 2017, in response to the recent increase in the sophistication of cyberattacks, we strengthened controls and auditing for the operation and management of our Internet publishing systems. Moving forward, we will engage in even stricter maintenance and management of systems for the implementation, operation, and management of information security.
Protection of personal information
E-learning and confirmation tests on the protection of personal information are held every year for all employees
Security services are intended to protect the lives and assets of our customers. In order to fulfill this purpose, SECOM receives customer information including personal information, based on our contracts with customers. Leakage of such information to other parties would severely impact the safety of customers. Therefore, strict storage and management of customer information, including personal information, is extremely important for our security services business. SECOM assures the protection of the personal information of our customers according to the following policies, and strictly stores and manages the information.
In regard to personal information received from customers, etc., SECOM complies with laws, government guidelines, and other related standards. Furthermore, SECOM does not handle personal information outside of the scope required to achieve specific purposes of usage, and has established measures to ensure handling within the specified scope. As for confidential information, it is strictly managed through a systematic process to prevent leakage of information to third parties, as well as requiring thorough compliance from each employee who directly handles customer information. Moreover, even if information was not received via disclosure from customers, etc., SECOM applies the aforementioned handling to personal information obtained in the course of business.
Every year, SECOM conducts an e-learning course and confirmation test for all employees to ensure adherence to basic items and rules. The Internal Auditing Division conducts periodic audits for items such as inspection for the handling of personal information, data management, workplace organization, and access control at each office.
In response to the amended Act on Protection of Personal Information that was put into full effect on May 30, 2017, we ensure appropriate handling of personal information throughout the entire SECOM Group.
Certification for “Privacy Mark”
SECOM has received “Privacy Mark” certification from Japan Information Processing and Development Center (JIPDEC). “Privacy Mark” certification is granted to businesses which take appropriate measures to protect personal information based on management systems in compliance with JISQ15001*.
- JISQ15001: Personal Information Protection Management System Requirements
Business Continuity Plan (BCP)
SECOM’s disaster-preparedness training utilizing helicopters
The SECOM Group provides services for seamless protection of safety and peace of mind 24 hours a day, 365 days a year. With regard to our BCP, we define systems and rules and establish facilities and systems to continue business in the event of wide area and large scale disasters such as: natural disasters including earthquakes and typhoons, large scale blackout, and pandemics involving new influenza strains, etc.
In the event of disasters, SECOM immediately ascertains the safety of our employees and their families, as well as the extent of damages to each office. The head office disaster response headquarters cooperates with the regional disaster response headquarters in the attected area to take measures for recovery and business continuity. In order to minimize the interruption of services provided to customers, SECOM organizes foundations to continue business operations such as enhancing our emergency power facilities, multiplexing our communication methods, and deploying disaster-preparedness supplies. These measures are specified in the “Manual for Response to Wide Area and Large Scale Disasters”, in whith SECOM defines detailed methods for response as an organization within the first 24 hours after the occurrence of a disaster, and constructs systems for fast recovery of functions.
In fiscal 2017, as part of initiatives to strengthen cooperation with the community, SECOM participated in the Council for Measures Concerning Stranded Persons for the area of our Headquarters. Also, in accordance with the Ordinance for Measures Concerning Stranded Persons enacted by the Tokyo Metropolitan Government, SECOM has taken measures such as replacing stock supplies at offices in the Tokyo metropolitan area.
In recent years, Japan has frequently been struck by disasters such as earthquakes and heavy rain. Amidst these conditions, helicopters are used as one part of BCP. SECOM utilized helicopters in many occasions including the Great Hanshin-Awaji Earthquake, the Great East Japan Earthquake, and the Kumamoto Earthquake. In 2018, at the time of the major earthquake in northern Osaka and the Heavy Rain Event of July in western Japan, we transported personnel and relief supplies by helicopters and maximized their usage for ensuring business continuity. Based on the need for business continuity via helicopters which are capable of immediate flight over a broad area, and in response to the deterioration of our existing helicopter fleet, SECOM decided to introduce a new-model helicopter in fiscal 2017 in order to enable response to a variety of disaster risks, and plans to start its operation in November 2018. Introduction of the new-model helicopter increases the amount of personnel and supplies that can be carried by approximately 50% and extends the flight distance by approximately 120 kilometers, thus further enhancing our ability to respond to disasters.
Risk management for employees stationed overseas
Countermeasures for terrorism, disasters, etc., must cover a wide range spanning from preventive measures to avoid incidents and accidents to response measures in the actual incident.
Therefore, as risk management for employees stationed overseas, SECOM takes measures such as (1) gathering information on disasters and public security conditions, (2) creating risk management manuals, (3) holding safety education and training for employees and their families, and (4) strengthening security systems for company facilities and residences. In Japan, we also establish support systems such as a 24-hour system for gathering, analyzing, and providing information on terrorism and disasters.
Protection of intellectual property
The Intellectual Property Page on the Company's intranet
Winners of the FY2018 SECOM Invention Prize
Active participation by all employees is necessary in order to achieve SECOM’s fundamental management policy of “SECOM will always contribute to society through its businesses” as stated in “The Constitutions of SECOM Group in Business and Management.” Furthermore, inventions related to “unique and revolutionary technology and ideas” have extremely high value for the business of the SECOM Group. The utilization of these inventions as intellectual property is essential for SECOM to provide unique business and services which far surpass other companies.
Therefore, to encourage employees to create inventions and to promote appropriate management and utilization of intellectual property by the Company, we have established our Invention Handling Rules. Also, we established the Intellectual Property Page on our intranet for employees to refer to the Invention Handling Rules and procedures for submitting inventions at any time.
SECOM respects the intellectual property rights of other parties. We obtain the necessary intellectual property information of other companies in advance and confirm that the products, services, etc., provided by SECOM do not infringe on the intellectual property rights of other parties.
Furthermore, as brand management, SECOM manages the acquisition and appropriate usage of trademarks, and monitors and excludes the unauthorized usage of trademarks (counterfeit goods) so as to improve the SECOM brand value.
In fiscal 2017, an Intellectual Property Department was newly established under the jurisdiction of the President and Representative Director to promote comprehensive and strategic activities for intellectual property in the SECOM Group. Moving forward, we will strive to protect intellectual property through methods which are more in line with our business strategy.
Inventions at SECOM are mainly supported by the Intelligent Systems Laboratory, which conducts research on high-level fundamental technology, and the Development Center, which develops new security systems, etc., which utilize the fundamental technology. The revolutionary inventions created by these R&D sections enable the development and supply of high-quality and high-reliability systems and services which provide superior performance unique to SECOM. As of July 31, 2018, SECOM CO., LTD. owns approximately 300 patents pending and approximately 960 patent rights.
In July of each year, the SECOM Invention Prize is awarded to employees who create advanced, innovative, and valuable inventions from among the patents that were registered in the previous fiscal year.