ITOCHU Techno : Foundations Supporting Sustainable Growth (PDF/949KB)

SECTION 4 Foundations Supporting Sustainable Growth

Environmental Initiatives

Environmental Activities Policy

As a leading company in the IT industry, we believe it is important to not only reduce the amounts of environmental resources used by ourselves, but also provide a sustainable future for our customers and society through technologies we are uniquely positioned to offer. We listen to a wide range of opinions from variety of stakeholders on the social role and responsibilities that we are expected to fulfill, and we reflect this feedback in our corporate activities.

The CTC Group aims to keep its businesses in harmony with the global environment, addresses issues including climate change, the effective use of resources and the preservation of biodiversity, and strives to improve environmental management systems in a sustained manner.

1 Solution of Environmental Issues Faced by Customers

The CTC Group seeks to offer value such as environmental load reduction and eco-efficiency improvement with the application of IT by solving the environmental issues faced by customers.

2 Reduction of Environmental Footprint in Business Processes

The CTC Group proactively promotes initiatives including those for saving energy, saving resources, reducing waste and greening procure- ment, and works to reduce its environmental footprint and prevent ­pollution in business processes.

3 Compliance with Relevant Laws, Regulations, Etc.

The CTC Group observes laws and regulations associated with environmental preservation and other items to which it agrees.

4 Enhancement of Environmental Awareness

The CTC Group makes its environmental policy known to all its directors and employees. At the same time, the CTC Group works to raise environmental awareness through education and informative activities.

Environmental Management Structure

The CTC Group has established an Environmental Activities Policy based on its corporate philosophy and has established an environmental management structure.

Under the Sustainability Committee Chairperson, the Environmental Managers and Eco Leaders of respective organizations play a central role in advancing environmental improvement activities across the entire Group. Domestic Group companies (excluding affiliates) have obtained ISO 14001 certification.

As an advisory body to the Management Committee, the Sustainability Committee submits proposals on climate change and other important environmental matters to the Management Committee, which deliberates on the proposals and submits them to the Board of Directors for further deliberation.

				CTC President & CEO
				Sustainability
Chief Environmental		Committee
Internal Auditor		Chairperson*
Chief Auditor
	Environmental		Environmental
					Planning Division
				Control Manager
					(Environment Office)

Environmental Education

The CTC Group provides environmental education through e-Learning for all officers and employees once a year. Environmental Managers and Eco Leaders are also offered separate training sessions to promote their activities.

Environmental Improvement Activities

Under the environmental management structure, all entities of the CTC Group set annual goals to reduce the environmental impact through their business and pursue initiatives to achieve the goals. These include helping customers save energy through virtualization and Cloud technologies, as well as the provision of environmentally friendly solutions and products.

Furthermore, in June 2021, CTC and its Group companies relocated and integrated their Tokyo head office functions. The relocation helped to reduce the Group's environmental burdens by reducing total floor space by approximately 20% (compared to the total floor space of the offices that were relocated). In addition, it helped to curb office electricity consumption through the consolidation of previously dispersed servers at data centers.

CTC Business Groups

Environmental Managers

(General Managers)

Department / Team Eco

Leaders

Employees

CTC Group companies

Environmental Managers

(General Managers /

Department Managers)

Section (Under direct control of

Group company head office / secretariat) Eco Leaders

Employees

Environmental Conservation Activities

The CTC Group supports the preservation of the environment and biodiversity. Such support includes donations to initiatives whose aims the Group endorses. Examples of such initiatives are Biodiversity Conservation projects by WWF Japan; the Keidanren Nature Conservation Fund; the Morino Project, which seeks to preserve natural capital by cultivating forests

• For fiscal 2022, the managing executive officer who is the COO of the Human Resources Management & General Affairs Group and General Manager of the Corporate Planning Division will serve as the chairperson of the Sustainability Committee.

that protect people from disasters; and more trees, an initiative for preserving forests by forming connections between forests and cities. (As of July 2022)

71 ITOCHU Techno-Solutions Corporation Integrated Report 2022

Climate Change Countermeasures

The impacts of climate change have been growing ever more serious in recent years, directing increasingly more attention toward the role of IT as a tool for combating climate change, and enhancing the role and responsibility to be fulfilled by the CTC Group. In April 2021, the CTC Group updated its materiality. "Contribute to climate change countermeasures" has been defined as one of the items of materiality (material issues). Moreover, in April 2022, we expressed support for the Task

Force on Climate-related Financial Disclosures (TCFD). We will work to realize a decarbonized society with our technologies and unique skillset and ensure appropriate disclosures in accordance with the TCFD recommendations. The following is information based on four central

components of the disclosure recommendations of

the TCFD.

Governance

To address climate change, we have created a structure to promote sustainability, headed by the President & CEO. Important matters are discussed by the Sustainability Committee, which is chaired by a managing executive officer, before decisions are made by the Management Committee and approval is given by the Board of Directors. We have also established a structure under which activities related to climate change are reported regularly to the Management Committee and the Board of Directors and are supervised by them.

Major Items Deliberated

• Matters related to climate change risks and opportunities
• Important guidelines and measures related to climate change
• Progress toward CO2 reduction and other medium- and long-term environmental targets

Risk Management

Through the sustainability promotion system, we clarify, identify, and assess climate change risks (assess the level of their impacts by using various parameters based on multiple future forecast scenarios) based on Companywide risk control methodologies and the TCFD framework. The Board of Directors supervises the management of climate change and other important Companywide risks.

Metrics and Targets

The 2050 CTC Environmental Declaration, a set of medium- to long-term targets established in 2019, includes the targets of a 30% reduction in CO2 emissions from our own activities by fiscal 2030 (compared with fiscal 2015) and zero emissions by 2050.

Scenarios and Strategies

CTC has analyzed potential impacts of climate change on its business activities and revenue, covering its domestic business including the supply chain. These analyses used scenarios provided by international institutions that projected rises in average global temperatures of 1.5°C and 4°C above pre- industrial levels*. Based on these scenario analyses, the Company quantitatively and qualitatively assessed the financial impacts of the risks and opportunities identified leading up to 2030 and 2050 and formulated response measures.

The results of these initiatives are as follows.

We position climate change countermeasures as opportunities for medium- to long-term growth, and we are actively expanding our GX business to contribute to a decarbonized society as a way to address social issues and achieve sustainable growth.

• The reference scenarios included the RCP8.5 and RCP2.6 scenarios of the Intergovernmental Panel on Climate Change and the STEPS and NZE2050 scenarios of the International Energy Agency.

	Opportunities Related to Climate Change		Magnitude of Impact
			(By Scenario)*2				Response Policies
Category	Details	Length of	4°C scenario	1.5°C scenario
Time*1	2030	2050	2030	2050
	• Increase in demand reflecting the use of IT for effi-						• Expanding businesses that help to resolve issues,
Products						including those related to efficient energy use and
cient energy use and energy conservation	Short
and	Small	Small	Medium	Medium	those related to energy conservation
• Increase in demand for products and services that	term
Services					• Expanding businesses that contribute to the
contribute to the development of renewable energy
						development­	of renewable energy
	• Market expansion driven by simulation technologies						• Researching, developing, and expanding the portfolio
	and services that contribute to the development of new	Short					of technologies and services that support the use of
Market	technologies (related to low carbon, hydrogen, etc.)	Large	Large	Large	Large	new energy as a means to achieve decarbonization
term
	• Improving social trust through climate change					• Expanding businesses that contribute to decarbon-
	countermeasures						ization and making information about them available
	Risks Related to Climate Change		Magnitude of Impact
			(By Scenario)*2				Response Policies
Category	Details	Length of	4°C scenario	1.5°C scenario
Time*1	2030	2050	2030	2050
Policies	• Increase in costs to respond to the tightening of reg-						• Continuously reducing CO2 emissions from our
and Legal	ulations related to CO2 emissions and new political	Medium
Small	Small	Medium	Medium	businesses­	by promoting energy conservation and
Restric­	measures and regulations (including the carbon tax	term
				introducing renewable energy
tions	and emissions trading scheme)
	• Damage to trust from society and a decline in	Short					• Expanding businesses that contribute to decarbon-
Reputation	employee motivation resulting from delays in taking	Small	Small	Large	Large	ization and making information about them available
term
	climate change countermeasures					• Joining in initiatives related to climate change
	• Negative impacts on business continuity from	Short					• Continuing to take disaster prevention and mitigation
Physical	damage to facilities and supply chain disruption	Medium	Medium	Small	Medium	measures related to our business continuity plan (BCP)
term
	caused by weather disasters					• Promoting effective teleworking

*1	"Short term" means up to five years from now. "Medium term" means within five to 10 years. "Long term" means 10 or more years later.
*2	Assessments represent financial impacts, with impacts classified as small, medium, or large.
For information on specific risks and opportunities, please refer to the following website.
	https://www.ctc-g.co.jp/en/company/sustainability/environment/climate-change.html	72
	ITOCHU Techno-Solutions Corporation Integrated Report 2022

SECTION 4 Foundations Supporting Sustainable Growth

Risk Management

Risk Management System

In addition to individual risk management functions, we have established the Risk Management Committee to take an overall approach to risks that should be managed on a Groupwide basis. As well as comprehensively considering and identifying risks that should be managed on a Companywide level, this committee establishes management systems and rules, assesses effectiveness (conducts monitoring), and recommends corrective mea- sures. We are building a risk management structure capable of responding to future changes in the operating environment and contingency circumstances.

	Risks	Summary of Risks That Could	Risk Mitigation Measures
	Negatively Impact Earnings
		• Risk of fluctuation in operating results due to	Updating the internal structure to identify and share information about
1	Risks	changes in economic conditions in Japan and	changes in the macroeconomy and trends in IT investment at customers
abroad, IT investment by customers, laws and	Providing advanced products and services, aiming to optimize group organiza-
	Concerning
	regulations, tax codes, and accounting standards	tional structures and provide high-value-added solutions
	Changes in
	• Risk of intensification of price competition due to
	the Business
	diversification of customer needs, technological
	Environment
	advances, new entrants, and competition with
		other companies
		• Risk of suspension of corporate activities, loss of	We have implemented the following measures to appropriately manage
		trust, or damage claims due to a leak, alteration,	information:
		or loss of information (including personal infor-	• Building an information management system (setting up the Information
2	Information	mation and confidential information of custom-	Security Committee, CTC Security Incident Response Team)
	Security Risk	ers), or suspension of their services caused by	• Acquiring various certifications (JIS Q 15001, ISO 27001, ISO 27017)
		unauthorized access stemming from cyberat-	• Strengthening control of the entire Group, including domestic and overseas
		tacks on internal systems and customer services,	consolidated subsidiaries
		a computer virus, or human error

Ensuring Rigorous Information Security

For the CTC Group, appropriate handling and safe management of information are important social responsibilities.

Each year, information security threats become more diverse and complex, owing to the use of new IT infrastructure such as the IoT, AI, and blockchain; society's connections between cyberspace and physical space; and new working environments arising from work-style reforms.

Against this backdrop, the CTC Group has developed an information security and personal information protection management system integrating information security management and personal information protection systems in compliance with ISO 27001 (JIS Q 27001) and Privacy Mark (JIS Q 15001), which is responsible for the following:

Creating various regulations, standards, and procedures Conducting education and awareness activities

related to information security and personal information protection

Conducting internal audits

Conducting annual surveys of outsourcing contractors

At CTC, we treat all of the information entrusted to us by our clients as confidential information; carrying out hando- ver checks and exercising strict access management.

As a countermeasure against the increase in cybersecu- rity risk in recent years, we have established the CTC-SIRT*, which conducts the following activities:

Cybersecurity drills for targeted e-mail attacks (annually)

Vulnerability diagnosis of internal and public websites (annually)

Monitoring for cyberattacks

We have obtained ISO 27017 (JIS Q 27017) certification for CUVICmc2 (Cloud service specializing in mission-critical systems) and TechnoCUVIC (virtualized hosting service), and are creating services that ensure peace of mind among clients whose information we handle.

We will continue to implement further security measures against new threats, with the safe and secure handling

of information entrusted to us by our clients as our highest priority.

• CTC-SIRT(CTC Security Incident Response Team) is an organization that copes with security incidents resulting from cyberattacks.

For more information about our information security efforts, please visit our corporate website.

https://www.ctc-g.co.jp/en/company/about/governance/security.html

73 ITOCHU Techno-Solutions Corporation Integrated Report 2022

	Risks	Summary of Risks That Could	Risk Mitigation Measures
	Negatively Impact Earnings
		• Risk of a decline in the Group's social credibility	We are implementing the following measures to ensure compliance:
	Compliance	or deterioration in the Group's earnings due to a • Building a robust compliance system (setting up the Compliance Committee, etc.)
3	serious breach of compliance or a violation of	• Compliance education and training
	Risk	laws or regulations in conducting business	• Operating, maintaining, and improving
			P.75 Compliance Initiatives
			our whistleblowing system

• Risk of personnel departures or a decline in pro-  With "Challenge and growth" as our personnel strategy policy, we engage in
  ductivity due to failure to secure and train per- human resource management with the aims of improving employee motivation,

		sonnel with high technical skills and expertise as	encouraging self-growth, and further fostering a culture of human resource
		planned, loss of growth opportunities, or a dete-	development. We are implementing measures including the following:
	Human	rioration in the labor environment, affecting the	• Training and developing diverse professional human resources
4	Group's earnings and business development	• Establishing a system that gives employees a sense of self-growth and enables
Resources		them to realize their full potential (career development support system, leading
	Risk		position certification system, etc.)
			• Promoting diversity and inclusion
			• Promoting work-style reforms (development of a workplace environment that
			allows employees to deliver the maximum performance through teleworking,
			free choice of work location, etc.)
				P.59 Human Resources Strategies
		• Risk of unexpected additional costs incurred if	We set up the Project Management Office as a third-party entity and
		planned results and quality cannot be delivered	Companywide organization, and instituted project control departments in each
		as customer needs, such as DX, have become	business group. We also implement control and support systems including the
	Project	more diverse and complex. In addition, risk of	following to avoid the risk of being unable to complete a critical system integra-
5	loss of customer confidence and claims for	tion project on schedule:
Management	damage due to delivery delay and poor quality	• Making preliminary examinations before submitting quotes
	Risk	stemming from the above causes	• Monitoring and evaluating the project status

• Providing individualized support and offering ideas for improvement according to the project status (quality evaluations, etc.)

				P.65 Technology Strategies
		• Risk of a confidence decline and claims for dam-	We are implementing the following measures:
		ages in the event that a customer's business	• Regular operational risk assessments
6	System	activities are affected by failures due to equip-	• Stepping up IT system monitoring and third-party auditing of operational status
ment failure or operational errors in our opera-	• Investigating and responding quickly to product defect information, and
	Failure Risk	tion services, in a situation where IT systems play	­conducting preventive replacement of equipment
		an important role as social infrastructure	• Acting to improve work quality, including preventing operational mistakes (zero
			human error activities, rigorous pre-work risk prediction meetings, etc.)
		• Risk of a drop in recoverability, loss of part of or	We carefully consider investment returns and risks in advance and are imple-
		an entire investment, or a need for additional	menting measures including the following:
		funding due to failure to achieve the expected	• Building an investment management system (updating internal standards for
		returns from strategic investments in companies	investments and exit criteria, pre-screening before making investments, etc.)
		in Japan and elsewhere, data centers, or Cloud	• Regular monitoring (verifying the achievement status of investment objectives,
7	Investment	services for the purpose of launching new busi-	meeting the exit criteria, etc.)
Risk	nesses, expanding operations, or boosting com-	Major consolidated subsidiaries are implementing measures including the
		petitiveness caused by changes in the market	following:
		environment, and deterioration in revenues of
		• Thoroughly raising awareness of the CTC Group Philosophy and CTC Group
		investment target companies
		Code of Conduct
			• Dispatching managers and other staff to consolidated subsidiaries
			• Ensuring governance through shareholder agreements
		• Risk of a profitability decline when transactions are	Utilizing foreign exchange contracts and foreign currency deposits according
		conducted in foreign currencies for products and	to specific transaction types
8	Exchange	services procured from overseas markets, and cost
	Rate Risk	increases from a sudden change in ­foreign
		exchange rates or weakening yen over the medium
		term that cannot be passed on to customers
		• Risk of damage to facilities and infrastructure or	To prepare for contingency circumstances, we are implementing the following
		injuries due to large-scale natural disasters such	measures:
	Risk of	as earthquakes and terrorist attacks, as well as	• Formulating a business continuity plan (BCP)
9	infectious diseases, such as COVID-19, resulting	• Creating a safety confirmation system
Large-Scale
in a threat to business continuity	• Establishing an emergency response headquarters and crisis management
	Disasters
		headquarters, and strengthening disaster prevention drills

• • Maintaining a backup system in the Kansai region in preparation for a potential disaster in the Tokyo metropolitan area
• Risk of negative impacts on the CTC Group busi-  To prevent delays in deliveries and optimize supply chains, we are leveraging

		ness performance due to a supply suspension of	CTC's strengths of our multi-vendor strategy and full-stack IT technologies to
	Product and	products and services to customers for the fol-	implement measures including the following:
	lowing reasons and other factors: suspension of	• Optimizing product and service sourcing based on relations of trust with major
	Service
10	product or service supply due to business plan	domestic and overseas vendors
Procurement
changes or business condition deterioration of	• Forming relationships with multiple vendors to prevent a dependence on
	and Supply
	suppliers, shortages or production delays of	specific vendors
	Risk
	semiconductors and other products due to	• Sharing accurate information with customers and proposing ideal response
		supply chain disruption from pandemics, wars,	measures
		terrorism, and other global events		74
			ITOCHU Techno-Solutions Corporation Integrated Report 2022

SECTION 4 Foundations Supporting Sustainable Growth

Risk Management

Compliance Initiatives

Basic Stance on Compliance

The CTC Group regards compliance as one of its most important management issues, and is well aware that thor- ough, Groupwide compliance forms the foundation for running and managing the Group. By ensuring that each and every Group employee observes all laws, regulations, and internal regulations required in the execution of corporate activities, and carries out such activities in a highly ethical

and responsible manner in accordance with social norms and morals, we aim to ensure that we are held in esteem and trusted by society as a consistently fair, highly transpar- ent, sound, and healthy corporate group as we seek to increase the corporate value of the entire CTC Group.

For more information on the CTC Group Code of Conduct, the Group's basic guidelines for implementing compliance management and fulfilling its corporate social responsibilities, please refer to: P.5 CTC Group Philosophy

Compliance Promotion Structure

To promote thorough compliance within the CTC Group, we have established the CTC Group Code of Conduct and a range of internal regulations, appointed a Chief Compliance Officer (CCO), and established a Compliance Committee that acts as an advisory body to the Management Committee. We aim to enhance the functionality of these organizational structures through the appointment of overall compliance management supervisors responsible for specific business groups and CTC subsidiaries, as well as compliance supervisors responsible for individual divisions and teams.

These compliance supervisors check the progress of their organization's compliance initiatives on a quarterly basis and report to the Compliance Committee. In addition, we seek to ensure that compliance awareness is thoroughly instilled by holding ongoing educational training sessions for corporate officers and employees.

Board of		Audit & Supervisory Board (Audit & Supervisory Board members)
Directors
	Reporting		Compliance Committee
President & CEO
		Chief Compliance Officer (CCO)
Management			Committee Members Selected from
Committee
Consultation		Different Organizations
Legal Compliance		Internal Reporting Systems (Helplines)
Oversight Divisions
Presidents of		COO of CTC
CTC Subsidiaries		Business Groups
Compliance Management	Compliance Management Supervisor
Supervisors of CTC Subsidiaries	of CTC Business Groups
		Compliance Supervisor	Attorney
		(Division and team heads)
CTC Subsidiary Employees	CTC Employees
		All CTC Group Employees

Internal Reporting and Consultation Systems

The CTC Group has established internal reporting systems (helplines) that enable corporate officers, employees, and business partners to report and consult regarding compliance violations. We were swift to register a self-declaration of conformity for these helplines under Whistleblowing Compliance Management System*1 certification on April 26, 2019.

Reports can be made via two routes, reporting to an internal point of contact and to an external point of contact (an advisory attorney). Both routes include provisions to protect the privacy of reporters and to ensure appropriate management of reports, and we guarantee that such reporters will not suffer from any detriment or disadvantage as a result of a report through the helplines. In addi- tion, consultations for employees on a range of issues are provided through an employee consultation service. The number of internal reports and consultations for the CTC Group in the past three years is shown in the table below. Appropriate responses to all reports and consultations are pursued in cooperation with the relevant divisions as deemed necessary. No serious violations have occurred in the CTC Group.

Compliance representatives attend annual workshops arranged by a lawyer, to improve their skills and enhance their ability to address reports and consultations through the helplines.

In this way, we continue to operate and maintain the helplines and employee consultation contact points in an appropriate manner. In addition, we are working to bolster compliance management to quickly detect and remedy violations of laws or internal regulations and other acts of misconduct.

	FY2019	FY2020	FY2021
Helplines (External	18	7	11
point of contact)	(3)	(2)	(4)
Employee	29	15	26
consultations*2
Total	47	22	37

*1 Under this system, a company assesses its own internal reporting system and makes a self-declaration of conformity if it complies with the certification standards. Based on an application by the company, the system's content is checked by a registration organization designated by the Consumer Affairs Agency, with conforming companies being registered. The implementation of this system was suspended in February 2022 based on a

revision­ to the Whistleblower Protection Act.

*2 Figures represent the number of employee consultations concerning harassment and other aspects of the workplace environments.

75 ITOCHU Techno-Solutions Corporation Integrated Report 2022