Risk management at SATO
The SATO Group classifies risks in the following categories.
Business risks
There are risks that the company takes in conducting business when making investments and loans, acquiring and disposing of stock and fixed assets, entering into business partnerships or important agreements, and selling or buying businesses.
Our Business Review Committee reports directly to the Executive Officers Meeting which makes top-level decisions on business execution. This committee assesses and analyzes subjects of risk and submits advice for deliberation. It also monitors risks for business decisions already implemented, reporting findings when necessary. Through these activities, the committee facilitates quality deliberations to support executive decision making.
General risks
There are also risks related to disasters, workplace accidents, fraudulent and illegal conduct, cybersecurity threats, and failure to comply with product quality standards and business transaction laws which, when they arise or materialize, can cause physical, economic or reputational losses or harm to the company, employees, customers and other stakeholders.
Our Risk Management Committee, established under the Executive Officers Meeting, is responsible for developing and improving risk management systems throughout the SATO Group. It also determines preventive actions to minimize any resulting damage and prepares countermeasures for potential crises.
Strengthening information security
We regard information security as an important business imperative, and apply rules and procedures for managing and protecting information assets based on our information security policy to drive security measures across the SATO Group. Under our in-house Risk Management Committee, we have established an Information Assets Management Committee that ensures security measures and account/access control methods are in place to keep information systems safe starting from their development to implementation and maintenance, on top of governing the management of information assets. Our Auditor Office also helps to monitor how our information assets are being used and managed.
SATO Corporation acquired the international ISO/IEC 27001:2022 certification and its Japanese counterpart JIS Q 27001:2023 under the Information Security Management Systems (ISMS) scheme for departments at its Tokyo headquarters office and Kansai and Kyushu branches that are involved in planning, developing, operating and/or maintaining solution and service offerings.
IS 721656 / ISO 27001
| Operator name | SATO Corporation |
|---|---|
| Standards certified | ISO/IEC 27001:2022 JIS Q 27001:2023 |
| Certificate number | IS 721656 |
| Date certified | November 25, 2020 |
| Business subject to certification | Planning, developing, operating and/or maintaining solution and service offerings (Tokyo headquarters office and Kansai and Kyushu branches) |
| Certifying organization | BSI Group Japan K.K. |
*The above link opens to a different website.
Product security
Our Product Security Policy serves as the foundation for delivering products our customers can trust completely. Under this policy, we've created a dedicated security team that oversees product security across the entire organization and develops comprehensive guidelines for secure product development. Through these ongoing efforts, we continuously enhance our security standards to provide our customers with products they can rely on with confidence.
SATO Group Product Security Policy
Vulnerability Information Disclosure Policy
SATO carefully oversees each stage of product development to ensure our products remain secure and vulnerability-free. We actively strengthen our product security by collaborating with external security researchers and coordinating bodies. We value all security-related feedback about our products. When vulnerabilities are reported, our team thoroughly evaluates them following our Vulnerability Information Disclosure Policy. We then work with the relevant coordinating body to schedule and publish countermeasures on our website.
- SATO Group Product Vulnerability Information Inquiry Form
- SATO Group Vulnerability Information Disclosure Policy
Protecting intellectual property
Basic policy
Since our founding, SATO has always sought to offer products and services that solve operational problems for our customers, in the spirit of Ceaseless Creativity. Through the development of new products and services, we build up a portfolio of intellectual assets that are important to the company's present and future. To protect these resources, we have established a basic policy with actions set out as follows, which we will use toward securing our freedom to operate and increasing our corporate value to contribute to a better and more sustainable world.
(1) Create and make use of intellectual property
We encourage creative work throughout our group so as to drive the creation of intellectual property that benefits our group businesses while maximizing its use to pursue sustainable growth.
(2) Respect intellectual property rights
We comply with laws governing patents, utility models, industrial designs, trademarks, copyright, trade secrets and employee know-how in different countries, making sure we respect the valid intellectual property rights of third parties to minimize any related risks.
(3) Provide intellectual property training and education
We educate employees to increase their awareness about intellectual property and enable more intellectual property activities.
Tax policy
We have formulated this tax policy to guide our internal practices and ensure tax compliance.
Basic policy
Our vision is "to be the customer's most trusted partner for mutual growth, and always essential in an ever-changing world." In other words, we aim to maximize sustainable company value with the trust of our customers and other stakeholders.
To achieve our vision, we must have in place the necessary systems/operations for proper tax compliance and raise awareness among all employees to ensure we adhere to tax laws and regulations in all countries we operate.
(1) Legal compliance
We comply with the local and international tax laws and standards applicable in each country to ensure that we conduct all business activities in a proper and compliant manner.
(2) Tax risk management
We give due consideration to tax compliance risks in advance and seek professional advice where necessary, minimizing any uncertainties in meeting our taxation obligations to ensure that we maximize sustainable company value with the trust of our stakeholders.
(3) Preventing of tax evasion
We engage in tax planning to ensure the company is properly taxed, tax information is reported and taxes are paid to the appropriate authorities in each country. This allows us to maximize sustainable company value with the trust of our stakeholders.
The company does not engage in tax planning for intentional tax avoidance that involves shifting profits to low-tax countries where we do not generate economic benefits.
(4) Relationship with tax authorities
We make all efforts possible to provide related information to taxing authorities in each country in a timely, compliant and professional manner, as required.
