As the business environment surrounding companies becomes increasingly uncertain and complex, the Toridoll Group identifies various risks related to the business objectives of each organization in advance, and implements improvements and countermeasures. We believe that we can minimize the physical and economic loss.
Based on the Risk Management Regulations, the Toridoll Group has established a management system that centrally manages risks under the leadership of the Risk Management Committee.
Risk Management Provisions (excerpt from the Risk Management Provisions)
Basic Policy
TORIDOLL Holdings Corporation (hereinafter referred to as "HD"), Marugame Udon, Inc. (hereinafter referred to as "Marugame"), Niku no Yamagyu Co., Ltd. (hereinafter referred to as "Yamagyu"), Toridoll Japan Inc. (hereinafter referred to as " TDJ), Toridoll Business Solutions Co., Ltd. (hereinafter referred to as "TBS"), and Toridoll D&I Co., Ltd. (hereinafter referred to as "D&I") ensure business continuity and stable development through the practice of risk management. go.
Prioritizing the quality and safety of products and services, we eliminate and reduce factors that impede the interests of our stakeholders, including customers, business partners, shareholders, investors, local communities, and the global environment, as well as our executives and employees. We will sincerely strive to.
In accordance with the spirit of compliance, all officers and employees comply with various laws, regulations, etc., each of them independently considers what is ethically the right thing to do, and acts based on their value judgments.
Risk Management Committee
The Toridoll Group has established a risk management committee chaired by the president and CEO, with members including directors including outside directors and heads of departments. The committee meets four times a year to check the progress of activities. increase.
The committee conducts multifaceted risk assessment analysis, including food safety and hygiene, and sets up task teams to conduct detailed studies on matters designated as high risks. Risk avoidance and mitigation measures proposed by each task team are discussed by the Risk Management Committee. Measures approved by the committee are reported and evaluated by the committee after being implemented by each department, and the PDCA cycle is implemented.
In addition, the Internal Audit Office regularly audits each department of the head office and stores, and has established a system that enables early detection of risks and reporting to management, including the president and CEO.
Risk Identification and Response
In the Toridoll Group, in the event of an emergency that could have a serious impact on the company's management, in accordance with the Crisis Management Regulations and the Store Crisis Management Manual, a representative will be appointed to minimize loss, restore damage, and prevent recurrence. In addition to establishing a crisis management headquarters headed by the president and CEO, we have established a crisis management system for the entire group to respond to emergencies with the participation of external experts.
Crisis Management Provisions (excerpt from the Crisis Management Provisions)
Basic Policy
In light of their social significance, TORIDOLL Holdings and TORIDOLL Japan shall place the highest priority on ensuring the safety of human health and life, and all officers and employees shall work as one to deal with and resolve crises, minimize losses, recover from damage, and prevent reoccurrence. Furthermore, all officers and employees shall be aware that crises are not something that can never be allowed to occur but may occur and shall constantly be prepared for the occurrence of crises.
Business Continuity Management System
TORIDOLL Holdings Corporation (hereinafter referred to as "our company") makes it a business continuity objective to continuously achieve our slogan, "Fill this planet with the excitement of food." In addition, if business is interrupted, it will have a significant impact on business partners and customers who use our products and services, and it is expected that we will lose trust widely. We will formulate a business continuity plan against various threats that may occur, and by acting based on this policy, we will make continuous improvements while responding to changes in the environment surrounding us both inside and outside the company.
Determination of businesses subject to business continuity
We regularly analyze the factors that affect our business and their degree, fully recognize the risks caused by business interruption, and decide the business targets that should be prioritized for continuation and restoration. We also conduct regular analysis to prepare for new threats.
Prepare an action plan for business continuity
The Company prepares an action plan (hereinafter referred to as the Business Continuity Plan) for the business subject to business continuity that has been decided. In the business continuity plan, we will document the procedure so that we can restore the business within the target time set according to the risk, and strive to act quickly and accurately.
Establishment of a system for business continuity planning
In order to ensure the execution of the business continuity plan, we have established a risk management committee within the company, appointed a manager to supervise activities related to business continuity, and provided education and training to those involved in the business continuity plan. and an audit system to objectively evaluate whether the activities are effective.
Compliance with laws, contracts, etc.
Through our business continuity activities, we will identify and comply with relevant laws and regulations, various guidelines, other norms, and requests from interested parties, including confidentiality.
Continuous improvement of business continuity management system
In response to changes in social conditions and advances in information technology, etc., we have built a "business continuity management system" based on the PDCA cycle to protect and sustain our services from new threats. We will try to improve.
TORIDOLL Holdings Corporation
Risk Management Committee Chairman Takaya Awata
Date of enactment July 1, 2022
Risk management process
In conducting risk management, the domestic Toridoll Group prioritizes risks and promotes initiatives.
As a process to identify priorities, we first collect information from directors and related departments, identify risks, and grasp the overall picture. After that, the relevant departments and other departments evaluate the frequency of occurrence of risks and the magnitude of their impact, tabulate the results, create a risk map, and then comprehensively judge and prioritize the risks.
For the high and severe risks identified in this way, we are actively considering and implementing countermeasures within the management system described above.
H. | high risk (highest) | Management should conduct a detailed survey and prepare a management plan. |
|---|---|---|
S. | Severe risk (high) | Management must appoint a manager and always pay attention to risk trends. |
M. | middle risk (medium) | Management must appoint a manager. |
L. | Low risk (low) | The person in charge manages according to the determined procedure. |
frequency of risk
high | During ~ | low |
|---|---|---|
has already occurred. or is certain to occur. | It may occur and sell. (There are material concerns) | can occur. (No concerns have emerged) |
Occurs multiple times per year. | Occurs 0-1 times per year | May occur less than once every few years |
Our BCM received excellent evaluation from Japan Production Investment Bank
As of May 31, 2021, TORIDOLL Holdings has received a rating of "excellent measures for disaster prevention and business continuity" in the "DBJ BCM Rating" loan by the Development Bank of Japan Inc. (abbreviation: DBJ). bottom.
This loan is a financing menu in which DBJ evaluates and selects companies with excellent disaster prevention and business continuity initiatives using a unique evaluation system developed by DBJ, and sets loan conditions according to the evaluation.
Amid the increasing frequency of risks such as natural disasters associated with climate change, Toridoll Holdings strives to minimize damage, ensure the safety of employees and customers, enhance business continuity, and build a sustainable society. We are promoting initiatives for disaster prevention and business continuity in order to contribute to
Promotion of Business Continuity Plan (BCP)
In order to strengthen and improve the business continuity capability of each business and store even in emergencies such as natural disasters such as large-scale earthquakes, wind and flood damage, and pandemics caused by infectious diseases, the Toridoll Group reflects the opinions of external experts and has established a business continuity plan ( We have formulated a business continuity plan (BCP) and are working to develop and strengthen the system.
In addition, we regularly conduct drills assuming the operation of the formulated BCP to confirm its effectiveness and lead to continuous improvement. In October 2022, we also acquired ISO22301 (JQA-BC0049) certification for our business continuity management system (BCMS).
Operation of a safety confirmation system
(What is a safety confirmation system?)
A safety confirmation system helps confirm the safety of employees in the event of a large-scale disaster as part of a company's crisis management.
(Policy)
In the event of a disaster, we will place the highest priority on confirming the safety of employees and their families, as well as assessing the extent of damage in each region and promptly collecting information to provide the necessary support and achieve a quick recovery of business operations.
Pandemic Response
Formulation of a prevention plan for COVID-19
Under the spread of the new coronavirus infection, the Toridoll Group will ensure the safety and health of all parties involved, including customers, local residents, business partners, employees, store staff, and their families, and continue business activities. We are taking thorough measures to prevent this.
In addition, we are reconsidering the safety management, customer needs, and social structure that have changed significantly due to this pandemic as a food service industry, and are promoting flexible responses in business operations in order to fulfill our responsibilities as a food infrastructure.
Formulation of infectious disease manual
The Toridoll Group formulated a quarantine plan in April 2021 under the supervision of external experts as a countermeasure against the new coronavirus infection. In accordance with this epidemic prevention plan, various items such as prevention of droplet infection and contact infection in the store, prevention of infection risk of employees and store staff, flow of dealing with people who are unwell, etc. .
In addition, we will promptly respond to requests for shortened business hours that differ depending on each government and local government, acquire a restaurant infection prevention certificate at stores so that customers can use them with peace of mind, and in 2022 we will inform customers at stores and on our website. Introduced measures to prevent infection and how to reduce contact at the time of purchase.
Opinions from outside
About the Toridoll Group's measures against infectious diseases
The government and the Japan Food Service Association have reported on the new coronavirus infectious disease control guidelines. However, since the pandemic has not shown any tendency to converge, the Toridoll Group has reviewed the guidelines so far in 2021 as a corporate responsibility and created a new coronavirus infection prevention plan.
The feature of this guideline is that it describes in detail a check sheet for business continuity, such as infection prevention for employees and customers and store hygiene. The new coronavirus that has newly developed in cooperation with local government agencies
It can be expected to be used as an action plan for infectious disease control.
Mr. Takeshi Ito, Academic Advisor, Tokyo Microscopy Institute
FY2022 Countermeasures against the new coronavirus
The Toridoll Group has implemented the following measures in response to the pandemic caused by the new coronavirus. (As of March 2022)
[Efforts to prevent the spread of infection in the store]
・Install hand sanitizer for customers
・ Regular replacement of tongs used by customers
・Installation of chopsticks for separating displayed products
-Regular disinfection of frequently touched areas
・Effective use of acrylic plates, etc.
[Initiatives for store employees]
・Washing hands at least once an hour
・All store employees wear masks
・Operation of a health check sheet dedicated to the new coronavirus
・Regular disinfection of contact points (refrigerator handles, etc.)
・Set up an employee information center dedicated to the new coronavirus at the headquarters
・Installing vinyl sheets at cash registers, etc. to prevent splashes
・Use multiple coin trays at the cash register to prevent contact with customers
[Initiatives for headquarters employees]
・Establishment of a new coronavirus consultation desk
・ Thorough health management such as temperature measurement
・Installation of antiseptic solution
・Implementation of workplace disinfection
・Continue to provide company meals (reduce the risk of infection when going out of the office)
Providing udon and tempura to healthcare workers
A food truck visits hospitals and provides udon and tempura to support healthcare workers. We will continue doing what we can to bring some brightness to healthcare sites by providing meals for healthcare workers.
Safer purchase with enhanced takeout
The Toridoll Group is strengthening its take-out service as part of measures against the new coronavirus infection and to respond to new customer needs.
For example, we are creating an environment that makes it easy for customers to take out, such as a mobile order service that allows customers to purchase products without queuing by ordering in advance on a smartphone, creating stores that make it easy to order bento boxes, and expanding the bento menu according to the season. We are.
Countermeasures against information security risks
Strengthening information security
The Toridoll Group holds personal information and confidential business information of customers, employees, and business partners, and utilizes an information system that operates on the cloud for store operations and procurement of raw materials. For this reason, it is necessary to prevent the leakage, falsification, and damage of such information and the stoppage of information systems due to terminal device failures, software defects, cyberattacks, etc.
To reduce these risks, the Toridoll Group has established an information security management system (ISMS) and a privacy information management system (PIMS), has established regulations and management systems related to information security, monitors security, and conducts employee training. Thorough.
In order to strengthen these efforts, in October 2022 we acquired ISO/IEC27001 (JQA-IM1937) certification for information security and ISO/IEC27701 (JQA-PI0005) certification for privacy information.
Information Security Policy
One of the management policies of the Toridoll Group is to protect information assets from information security threats in order to provide trust and peace of mind to all stakeholders.
Based on this policy, we will establish the rules and management system for information security as an "information security management system" internally, and will fulfill our social responsibility through the execution and continuation of activities.
This policy is positioned as the basis for information security and is available for anyone to refer to at any time on this site.
Privacy policy
The Toridoll Group is deeply aware of the importance of protecting personal information and complies with laws and regulations related to personal information protection.
In order to respect the privacy of our customers and protect the personal information entrusted to us, we have established a policy that pays close attention, and all officers and employees of our company work together to achieve continuous improvement. We will strive.
ISMS-PIMS system
The Toridoll Group has established an Information Security Committee to operate the Information Security Management System (ISMS) and Privacy Information Management System (PIMS).
The Information Security Committee is chaired by the Chief Information Officer (CIO) and consists of the Finance Department, Legal Compliance Department, General Affairs Department, Human Resources Department, Information Management Department, Internal Audit Office, and the ISMS-PIMS Secretariat. , promotes efforts to strengthen information security and protect privacy information throughout the Toridoll Group.
cyber security
Since the Toridoll Group uses business systems that run on cloud services connected to the Internet, we have introduced a new security model, Zero Trust Security.
In "Zero Trust", all communication paths are encrypted as a major premise in order to verify the safety of information without trusting all communications and to take security measures.
Furthermore, zero trust is achieved through the following five elements.
① Strengthening of user authentication by IAM (Identity and Access Management),
(2) Rapid detection and response to cyberattacks using EDR (Endpoint Detection and Response)
③ Terminal authentication to identify connectable terminals by MDM (Mobile Device Management)
(4) Access control to restrict accessible websites by SWG (Secured Web Gateway)
Security log monitoring by SOC (Security Operation Center) for threat detection and prompt response
In-house training on information security
The Toridoll Group conducts information security education based on the annual plan by ISMS-PIMS.
In addition to text-based learning, we also use the LMS365 education management system to conduct proficiency tests and follow-up until all students pass. In fiscal 2022, the training was conducted for the ISMS-PIMS certified departments of TORIDOLL Holdings, and the learning content was divided between managers and supervisors and general employees.
In the future, we will expand awareness of information security throughout the Toridoll Group by expanding it to all divisions of Toridoll Holdings and operating companies in Japan and overseas.
.png)
.png){kind=logo}
.png)
.png)
