Risk Management
Risk Management
Approach to Risk Management
The Group has established and operates a highly effective risk management structure and processes to prevent the occurrence of risks surrounding its business and to minimize losses in the event that risks materialize.
Risk Management Promotion Structure
The Group’s risk management promotion structure adopts the “Three Lines Model” which is centered around the Risk Management Committee (held at least twice a year), with the President Executive Officer serving as the chief responsible officer and the Head of the Corporate Division serving as the chairperson. The status of risks is regularly reported from the Committee to the Management Committee and the Board of Directors, and is reflected in management strategies as well as risk management and evaluation.
Overall Relationship Diagram for Risk Management Promotion
Growth Strategy Risk Management Process
The Group operates with a systematic four-stage risk management process. In the first stage, “Visualization,” each department and committee comprehensively identifies risks and assesses the current situation. In the second stage, “Evaluation and Prioritization,” we evaluate the impact and vulnerability, create a risk map, and identify priority management areas. In the third stage, “Risk Response Planning,” we formulate response measures and mitigation measures for identified risks. In the fourth stage, “Implementation and Monitoring,” each risk owner implements countermeasures, and the Risk Management Committee monitors progress and regularly reports to the Management Committee and the Board of Directors. Through these continuous management processes, we aim to achieve sustainable growth while appropriately controlling risks.
Risk Assessment
In our risk management process, the Digital Garage Group broadly categorizes risks into strategic, financial, operational, and hazard risks, and further subdivides them into 15 classifications. We evaluate identified risks on the two axes of “impact” (effects on business continuity and management decisions) and “vulnerability” (probability of risk materialization and maturity of management systems) with five levels for each axis.
Legend for Each Level of Risk (Comprehensive Evaluation)
Risk Level 1
Both impact and vulnerability are low; can be addressed within normal business operations.
Risk Level 2
Either impact or vulnerability is low; no hindrance to business continuity.
Risk Level 3
Moderate risk; impacts business and requires time and effort to address.
Risk Level 4
High risk; high likelihood of business impact requiring management decisions.
Risk Level 5
Very high risk; fundamental response is essential.
Risk Category
Risk Category
Risk Classification: Risk Scenario Overview
Strategic Risk
- Risks related to entry into new business fields
- Risks related to service and business strategies
- Risks related to business investments
Financial Risk
- Credit risk
- Market risk
- Liquidity risk
Operational Risk
- System risk
- Administrative risk
- Legal and compliance risk
- Human resource risk
- Reputational risk
- Information security risk
- Third-party risk
Hazard Risk
- Natural disaster and special disaster risk
- Cyber attack risk
Risk Map
Key Risks and Response Policies
During the current period, the most significant risks included ⑭ Natural disaster and special disaster risk (business interruption due to system failures, etc.), ➉ Human resource risk (intensifying competition for recruitment, shortage of specialized talent, etc.), ⑮ Cyber attack risk (ransomware damage, etc.), ➂ Business investment risk, and ⑫ Information security risk. In this manner, we are developing appropriate response policies according to the importance of each risk and promoting initiatives to reduce and avoid risks.