Risk management at SATO
The SATO Group classifies risks in the following categories.
Business risks
There are risks that the company takes in conducting business when making investments and loans, acquiring and disposing of stock and fixed assets, entering into business partnerships or important agreements, and selling or buying businesses.
Our Business Review Committee reports directly to the Executive Officers Meeting which makes top-level decisions on business execution. This committee assesses and analyzes subjects of risk and submits advice for deliberation. It also monitors risks for business decisions already implemented, reporting findings when necessary. Through these activities, the committee facilitates quality deliberations to support executive decision making.
General risks
There are also risks related to disasters, workplace accidents, fraudulent and illegal conduct, cybersecurity threats, and failure to comply with product quality standards and business transaction laws which, when they arise or materialize, can cause physical, economic or reputational losses or harm to the company, employees, customers and other stakeholders.
Our Risk Management Committee, established under the Executive Officers Meeting, is responsible for developing and improving risk management systems throughout the SATO Group. It also determines preventive actions to minimize any resulting damage and prepares countermeasures for potential crises.
Strengthening information security
We regard information security as an important business imperative, and apply rules and procedures for managing and protecting information assets based on our information security policy to drive security measures across the SATO Group. Under our in-house Risk Management Committee, we have established an Information Assets Management Committee that ensures security measures and account/access control methods are in place to keep information systems safe starting from their development to implementation and maintenance, on top of governing the management of information assets. Our Auditor Office also helps to monitor how our information assets are being used and managed.
SATO Corporation acquired the international ISO/IEC 27001:2022 certification and its Japanese counterpart JIS Q 27001:2023 under the Information Security Management Systems (ISMS) scheme for departments at its Tokyo headquarters office and Kansai and Kyushu branches that are involved in planning, developing, operating and/or maintaining solution and service offerings.
IS 721656 / ISO 27001
| Operator name | SATO Corporation |
|---|---|
| Standards certified | ISO/IEC 27001:2022 JIS Q 27001:2023 |
| Certificate number | IS 721656 |
| Date certified | November 25, 2020 |
| Business subject to certification | Planning, developing, operating and/or maintaining solution and service offerings (Tokyo headquarters office and Kansai and Kyushu branches) |
| Certifying organization | BSI Group Japan K.K. |
*The above link opens to a different website.
Product security
Our Product Security Policy serves as the foundation for delivering products our customers can trust completely. Under this policy, we've created a dedicated security team that oversees product security across the entire organization and develops comprehensive guidelines for secure product development. Through these ongoing efforts, we continuously enhance our security standards to provide our customers with products they can rely on with confidence.
SATO Group Product Security Policy
Vulnerability Information Disclosure Policy
SATO carefully oversees each stage of product development to ensure our products remain secure and vulnerability-free. We actively strengthen our product security by collaborating with external security researchers and coordinating bodies. We value all security-related feedback about our products. When vulnerabilities are reported, our team thoroughly evaluates them following our Vulnerability Information Disclosure Policy. We then work with the relevant coordinating body to schedule and publish countermeasures on our website.
- SATO Group Product Vulnerability Information Inquiry Form
- SATO Group Vulnerability Information Disclosure Policy
Protecting intellectual property
Basic policy
Since our founding, SATO has always sought to offer products and services that solve operational problems for our customers, in the spirit of Ceaseless Creativity. Through the development of new products and services, we build up a portfolio of intellectual assets that are important to the company's present and future. To protect these resources, we have established a basic policy with actions set out as follows, which we will use toward securing our freedom to operate and increasing our corporate value to contribute to a better and more sustainable world.
Create and make use of intellectual property
We encourage creative work throughout our group so as to drive the creation of intellectual property that benefits our group businesses while maximizing its use to pursue sustainable growth.
Respect intellectual property rights
We comply with laws governing patents, utility models, industrial designs, trademarks, copyright, trade secrets and employee know-how in different countries, making sure we respect the valid intellectual property rights of third parties to minimize any related risks.
Provide intellectual property training and education
We educate employees to increase their awareness about intellectual property and enable more intellectual property activities.
