Information Security and Personal Information Protection
The Teijin Group strives to maintain and improve information security in recognition of the risk of an information security incident undermining our competitiveness or hindering business continuity, as well as the risk of incurring fines for legal violations. We have established the Teijin Group Regulations for Information as our basic policy on information security. In these regulations, we address information security risks, such as the leakage or falsification of confidential information, and work to avoid and mitigate them from the perspectives of physical, technical, and human threats and vulnerabilities. The Teijin Group has also established the Teijin Group Regulations for Personal Information Protection as its basic policy on the protection of personal information, and we are responding appropriately to personal information protection laws, for which legislation is advancing globally.
Main Initiatives
The Teijin Group is working to build its information security governance structure and processes.
Information security governance structure
The Teijin Group has appointed a Chief Digital Officer, who is a corporate officer, as the person responsible for planning, executing, promoting, and overseeing policies related to global IT governance (human resources, structure, rules, operations, information security, investment, and costs). We have also established an information management structure within the Group by defining the roles and responsibilities of the general manager of the information systems department, the IT officer appointed for each organization (department, company, business, etc.), and each employee. Additionally, under the Chief Digital Officer's supervision, we have established an Information Security Committee with the general manager of the information systems department as chairperson and the division general manager of each business's IT division and each indirect division general manager as members. This committee promotes cross-group initiatives related to information security and educational activities. As a response to information security incidents, we have established a specialized security organization (CSIRT: Computer Security Incident Response Team) that works on preventive activities and ensures a swift response when an incident occurs. This organization monitors our information systems and data for attacks and suspicious activity around the clock, while also working on the continuous improvement of all CSIRT activities, including improvements to our information security systems. We have been a member of the Nippon CSIRT Association (NCA) since 2016, through which we gather and utilize the latest information on cyberattacks and know-how from other companies on a daily basis. Furthermore, in preparation for incidents such as ransomware attacks, we strive to ensure the integrity and protection of data through measures including data encryption, backups, and log monitoring.
Information security management processes
Through our information management structure, the Teijin Group periodically checks the management status of information assets such as information systems, networks, facilities, personal information, and confidential information within each organization. We strive to maintain and improve information security by classifying the importance of these assets, identifying threats, assessing risks, and then implementing appropriate countermeasures. Additionally, the corporate audit department conducts information security audits for all Group companies from an independent standpoint.
Escalation process for information security incidents
The Group Risk Management Regulations of the Teijin Group stipulate the reporting and handling procedures for incidents and accidents. We also have a system in place to receive reports from those who discover suspicious emails or security incidents 24 hours a day, 365 days a year.
Information security education
With the goal of enabling every employee to properly utilize information assets while responding to growing security risks, the Teijin Group works to ensure that each individual acquires the essential awareness and knowledge needed to protect the Group's information assets. To this end, we regularly provide information security education through e-learning and group work by organizational unit, along with hands-on response training using simulated targeted-attack emails for all executive officers and employees.
Appropriate response to personal information protection
We work to ensure compliance with laws and regulations in each country and region, and to thoroughly implement related measures through a system that assigns a "person responsible for protection of personal information".
