(1) Periodic risk management (priority risk mitigation activities)

As part of the sixth three-year set of Priority Risks (fiscal 2023–2025), the Group has established two Priority Risk areas: crisis response risks based on the possibility of war, and product supply disruption risks.
The status of initiatives to address each risk area is as follows.

Crisis response risks based on the possibility of war

This risk area was adopted to ensure employee safety while facilitating rapid decision-making and action to ensure business operation continuity in regions affected by war. The Corporate Strategic Planning Division is responsible for promoting initiatives in this risk area. In fiscal 2023, it conducted a risk survey of the countries and regions around the world where Toray Group operates and created crisis response plan templates for each one. Based on the results of the survey, starting in fiscal 2024, the Group is developing crisis response plans for countries selected based on their respective risk scenarios. These plans will be shared across the Group and crisis response training will be carried out in each country concerned.

Product supply disruption risks

This risk area was selected to mitigate raw material disruption risks and ensure product supply continuity. The Purchasing and Logistics Division are responsible for promoting initiatives in this risk area. In fiscal 2023, the Group began identifying raw materials with high procurement risk. In cooperation with each business division, the Purchasing and Logistics Division has been promoting risk mitigation activities such as diversification of procurement sources and stockpiling.

(2) Follow-up on internal control implementation by group companies

In line with the Basic Policy on Internal Control System outlined in Toray’s Basic Policy on Corporate Governance, Toray Industries regularly provides guidance on risk management systems to its group companies worldwide and verifies their operational status. In fiscal 2023, the Company looked at 130 companies, selected based on their capital ratios, business scale, and other factors, to confirm whether they had established the fundamental rules and systems for internal control related to risk management. Each company conducted a self-assessment to determine if they had the required rules, systems, responsible personnel, and promotion methods. It was discovered that one company had not yet established such rules, and 38 companies required only minor revisions to their rules (e.g., changes in organizational names), and their self-assessments showed no other issues. By the end of fiscal 2023, Toray had confirmed that all of its group companies had the necessary measures in place.

1. 1 When the initial KPIs were set, the plan was to conduct self-assessments and results follow-ups each year for approximately one-third of the group companies. However, the approach has since been changed. Self-assessments and results follow-ups are now being carried out for all group companies every year, with the level of these assessments being gradually raised over a three-year period. For the first stage conducted in fiscal 2023, self-assessments and follow-ups were completed to determine whether rules and frameworks for risk management are in place at each group company, and a 35% achievement level was reached. From fiscal 2024 onwards, the second stage will focus on specific risk management activities at group companies. Finally, the third stage will involve evaluating the level of improvement as part of the plan-do-check-act (PDCA) cycle, with plans to be made accordingly for self-assessments and follow-ups.

(3) Crisis management for operations outside Japan

Under its Risk Management Committee, Toray Industries has established an Overseas Crisis Management Committee at its headquarters, as well as Local Crisis Management Committees at various group sites worldwide.
As part of its regular activities, the Overseas Crisis Management Committee continuously collects risk-related information from sites worldwide, shares it within the Toray Group, manages overseas travel, and provides risk education to traveling employees. Meanwhile, the Local Crisis Management Committees carry out risk mitigation activities specific to the conditions in their respective locations. The Overseas and Local Crisis Management Committees are strengthening their cooperation by jointly utilizing a system for confirming the safety of personnel during an emergency.

(4) Activities to raise employee awareness

To raise risk management awareness among employees, Toray Group conducted risk management and crisis response training in fiscal 2023. The training was provided to new employees, newly appointed managers, and department heads.

In the event of a crisis, Toray Industries responds by swiftly establishing a company-wide quick response system (Company-Wide Emergency Headquarters) based on its Risk Management Regulations.
Since the 2011 Great East Japan Earthquake, Toray has conducted an annual exercise for setting up the Company-Wide Emergency Headquarters, as part of preparations for a large-scale earthquake in Japan.
When the Noto Peninsula Earthquake struck in January 2024, the Company-Wide Emergency Headquarters was set up on the same day. It acted quickly to confirm the safety of personnel, assess the damage, and initiate recovery and support efforts.

Toray has established the Toray Group Information Security Steering Committee to centrally manage and improve information security across the entire Group. Under this committee, risk mitigation activities are promoted based on the Toray Group Information Security Basic Policy.
In fiscal 2023, each group company conducted a self-assessment concerning its progress in meeting Toray Group information security standards. In cases where the standards have not been met, the companies concerned created improvement plans and continued to promote risk mitigation activities.　Under the CSR Roadmap 2025, Toray Group information security standard achievement rate has been set as a KPI, and progress is monitored by the Toray Group Information Security Steering Committee.
In fiscal 2023, risk mitigation activities were implemented by 39 of the 112 target group companies, resulting in a 35% target achievement.