Risk Management System

Basic Approach and Policy

The Olympus Group implements risk management initiatives to realize its basic management policies, which include its Corporate Philosophy and management strategy. Specifically, based on the "Policy of Risk Management and Crisis Response" and related rules, the Olympus Group undertakes risk management from the perspective of both "offense" through active and appropriate risk taking leading to sustainable growth and value creation for the Company and "defense" to prevent illegalities and accidents.
A crisis management process has also been established to minimize the impact of unforeseen incidents on corporate value.

Policy of Risk Management and Crisis Response

Promotion Structure

Risk Management Structure (Fiscal Year Ended March 31, 2023)

Risk Management Structure/Representative Executive Officer,Responsible for Group Risk Management/Order,Report/Crisis Response Teams(activated in the event of a crisis)/Order,Report/Chief Strategy Officer,Risk Management Office/Cooperation/Executive Officers,responsible for risks/Order,Report/Each Business,Function,Region,Responsible for managing risks/Internal Control,Global,Risk Management Promotion Office

The risk management structure is a global risk management structure that defines categories of risks that could affect our business strategy and the achievement of our business objectives, and clarifies the Executive Officer in charge of each risk category (to ensure risk assurance). Each officer is responsible for carrying out all activities necessary to keep the risks under their control within acceptable limits (e.g., development of organizational structure, development of processes, and formulation and implementation of priority measures).

As of April 2023, a new organization has been launched to oversee four functions related to Governance, Risk, and Compliance (GRC): Risk & Control, Compliance, Privacy, and Information Security. With enhanced coordination among these functions, the risk management framework within operational functions will be further strengthened.

Structure and Initiatives

Risk Management

The risk management process is based on the PDCA cycle of risk assessment (risk identification, analysis, evaluation, and establishment of risk countermeasures), implementation of risk countermeasures, monitoring and reporting, and improvement. Risk assessment is linked to the annual planning process, and risks are evaluated using evaluation criteria common to the entire company to visualize and centrally manage company-wide risks. In addition, the status of the Group's response to major risks is regularly reported to the Group Executive Committee, the Board of Directors, and the Audit Committee for continuous monitoring.

Crisis Management

Any major incident that is highly likely to affect business management in the Olympus Group is reported promptly to the president and other senior management and handled appropriately by the managers in coordination with relevant divisions. Furthermore, we continue to conduct annual training exercises in anticipation of emergencies, ensuring the ongoing review and refinement of response processes. Our aim is to minimize damages in the event of large-scale natural disasters and similar incidents.

In terms of business continuity plan (BCP), we strive to develop practical plans that emphasize the value chain. To support this, we have established the “BCP/BCM Development Guideline” and consistently work on improving BCP practices. Additionally, we conduct regular education and training programs to enhance the effectiveness of our BCP.

Moving forward, we will continue to prioritize the health and safety of our employees, medical professionals, patients, and communities, while implementing the best measures to maintain the supply of our products and services.