• GRI102-30

Risk Management Systems

Risk management must be a real-world activity that produces concrete measures. Based on its Global Risk Management Policy, Nissan carries out activities on a comprehensive, groupwide basis.
To respond to changes in our business environment, we have set up a department in charge of risk management that carries out annual interviews of corporate officers, carefully investigating various potential risks and revising the “corporate risk map” in line with impact, frequency and control level. The Executive-Level Committees make decisions on risk issues that must be handled at the corporate level and designate “risk owners” to manage the risks. Under the leadership of these owners, we design appropriate countermeasures. At the end of each fiscal year, the head of internal audit assesses the control level of each risk and determines the effectiveness of each risk management activity. In addition, a progress report is made as appropriate to the Board of Directors.
With respect to individual business risks, each division is responsible for taking the preventive measures necessary to minimize the frequency of risk issues and their impact when they do arise as part of its ordinary business activities. The divisions also prepare emergency measures to put in place when risk factors materialize. Nissan Group companies in Japan and overseas are strengthening communication to share basic processes and tools for risk management, as well as related information, throughout the Group.
In addition, we have created an area on our intranet called “Corporate Risk Management.” Information relating to risk management is also distributed to subsidiaries in Japan, North America, Europe and other overseas regions, as well as to major affiliated companies.
The business environment in which we operate has been increasingly volatile in recent years, including such aspects as the widespread adoption of new technologies and growing geopolitical risks. We will continue to bolster our activities in this area so we can appropriately meet these changes.

  • GRI418-1
Protecting Personal Data and Reinforcing Information Security

We share our Information Security Policy with Group companies worldwide as a basis for reinforced information security, implementing via the Information Security Committee measures enhanced through the PDCA cycle. We reliably address issues by identifying internal and external information leaks as they occur worldwide and reinforce information security on a timely basis. To thoroughly educate and motivate employees to adhere to relevant policy, we institute regular in-house educational programs.
Moreover, we recognize our social responsibility to properly handle customers’ personal information in full compliance with the respective personal information protection law in each region. We have set up internal systems, rules and procedures for handling personal data. All Group companies are fully enforcing these processes.
There were no major instances of loss or leaking of personal information at any Group company during fiscal 2018.

  • GRI102-29
  • GRI102-33

ESG Risk Management

Nissan sees risks related to environmental, social and governance (ESG) factors―that is, “product strategy,” “product quality,” “response to environmental issues and climate change” and “compliance and reputation”―as issues involving business strategy and the maintenance of competitiveness and therefore promotes risk management in the Group as a whole based on the Global Risk Management Policy.
Regarding product strategy, as part of our product strategy developing process, we monitor the impact of various risk scenarios, such as global market changes and demand deteriorations, on our future profitability based on the product lineup plan. We periodically monitor the impact of these scenarios to secure future profitability and sustainable growth, as well as updating our future lineup plan periodically based on the results.
Regarding product quality, in addition to such activities as quality assurance for new model projects and day-to-day quality improvement activities, we have introduced and operate a “Quality Risk Management” framework. The framework represents a higher-level system to ensure successful quality management for both ongoing and future projects. Appraisal involves an objective evaluation of whether risk exists and the level of such risk for our company and the assignment of responsible persons based on the level for follow-up activities. These processes are implemented by the Quality Risk Management Committee, chaired by an executive tasked with heading this activity, twice a year.
Regarding response to environmental issues and climate change, in order to address diversifying environmental issues and promote comprehensive environmental management on a global basis, the Global Environmental Management Committee (G-EMC), which is co-chaired by a board member and convenes twice a year, and the Environmental Management Committees (EMCs) in six regions worldwide confirm the progress of activities and decide companywide policy and the content of reports to the Board of Directors.
Regarding compliance and reputation, our compliance with laws and ethical standards is monitored by regional and local compliance committees, which report to the Global Compliance Committee. We also have a globally integrated whistleblowing system, which allows employees to report suspected compliance issues to management.
In addition, we have created sets of internal rules and policies globally covering the prevention of insider trading, personal information management, information security and prevention of bribery and corruption. We make efforts to prevent noncompliance and reputation risk by raising awareness through the implementation of various activities, including education and training programs.