Risk Management
Priority risk assessment and selection
We evaluate potential risks arising from changes in the internal and external business environment based on two axes: "the magnitude of the impact of each risk on business" and "the degree of management control," and select the risks that need to be addressed. We monitor both internal and external factors, timely assess the importance of risks in response to changing circumstances, and strive to address risks swiftly.
Major company-wide risks
Risks that have a significant impact on business operations but are not adequately managed are prioritized for risk reduction through company-wide projects.
Monitoring of countermeasures
Even if the measures implemented through these activities prove effective and management control improves, if the impact on business operations remains significant, we verify the subsequent status of the measures through audits and other means.
External Information Monitoring
Even for risks that have little impact on business operations at that point and do not become business issues, we are highly sensitive to risks for which countermeasures have not been taken and strive to collect external information and monitor them.
Risk management system
Kewpie Group recognizes events that could affect the continuous and stable development of its business as risks, and is working to enhance its internal control system through the practice of risk management. Each department continuously monitors individual risks, and company-wide risks are shared by the Risk Management Committee*, which comprehensively manages the evaluation of those risks, prioritization, and the effectiveness of countermeasures. In particular, the following eight are designated as major risks, and efforts are being made to suppress and avoid them.
The director in charge of risk management regularly reports to the board of directors on the assessment of these company-wide risks, as well as the policies and status of responses.
*The Risk Management Committee is composed of members of Kewpie Corporation Management Board and representatives from major headquarters and subsidiaries. It is the highest decision-making body for risk management within Kewpie Group and meets three times a year.
*Global environmental issues and climate change are addressed by the Sustainability Committee.
Main risk management activities
"Overseas Governance Project": An initiative aimed at strengthening global governance.
Kewpie Group has launched the "Overseas Governance Project" and is working to strengthen global governance as a foundation to safely and smoothly support its rapidly advancing global business expansion.
Based on the fundamental principle that each overseas group company should build an appropriate operational structure tailored to its own circumstances, under a globally standardized plan and policy, we are proceeding with the development of a global governance system.
Development of Global Governance Guidelines (GGG)
To clarify the vision and basic policies for global governance within Kewpie Group, as well as the overall structure and activities based on them, we have formulated the "Global Governance Guidelines (GGG)." Based on the GGG, we are strengthening the structures and functions at each level and in each corporate area.
Promoting the delegation of authority to local authorities
Kewpie Group deeply understands the vastly different food cultures across countries and regions, and in order to provide products and services that are tailored to those cultures, it is gradually transferring authority to local areas in accordance with the level of governance development in each region.
Promoting daily governance activities
To support appropriate and swift decision-making and business development, we are strengthening the daily governance activities in each corporate area. While the Japanese headquarters formulates group-wide plans and policies for each corporate area and supports and monitors local operations, local operations proactively strengthen their daily governance activities in a way that suits their specific circumstances.
Handling measures for unpredictable situations such as natural disasters: Business Continuity Plan (BCP)
Scenes from the task force meeting
Drawing on past experiences with disasters and infectious disease outbreaks, Kewpie Group is developing and implementing a business continuity plan across the entire group to address crises.
We primarily provide the following:
- Maintaining a system to replace Tokyo headquarters functions with those in the Kansai region
- Establishing emergency communication networks and stockpiling supplies
- Seismic reinforcement of production and logistics facilities
- Development of a system to check the status of production equipment
- Dual production bases for major products, dual procurement bases for raw materials, and dual order processing bases
- Maintaining a system that allows for a nationwide transition to working from home
We have developed manuals for each type of crisis and conduct large-scale disaster response drills (initial response drills, product supply drills, and safety confirmation drills) to ensure that these manuals can be used effectively.
These activities ensure that in the event of a disaster, we can take appropriate initial action, quickly transition to recovery efforts, and promote a return to normal business operations, thereby minimizing damage from unforeseen circumstances.
Responding to ransomware* risks
Ransomware attacks on businesses are increasing both domestically and internationally, and Kewpie Group is also raising its awareness of the risks and taking countermeasures.
In anticipation of emergencies, we are working to build an environment that can respond to attacks. As a hardware enhancement measure, we are implementing malware countermeasures on all PCs and servers, and as a software enhancement measure, we are working to improve security awareness among employees by conducting ongoing in-house training programs and simulated attack email drills for all employees.
*This malicious program, once it infects your device, encrypts the data stored on it, rendering it unusable. It not only threatens to expose the data for exploitation but also demands money as payment for decryption.






