Skip to main contents
Sustainability Site

Risk Management

The Bandai Namco Group has established the Group Risk Management Committee, chaired by the President and Representative Director of Bandai Namco Holdings Inc. The committee’s members include full-time directors, the representative directors and presidents of its business management companies, as well as designated individuals, and it has a secretariat. With this organization in charge, we have strengthened Groupwide risk management and put into place a system to respond to crises. Within this framework, we are working to enhance information security.

The Group Risk Management Committee meets once a year to identify significant risks facing the Group and determine response policies. Crisis information for the Group reported to the Group Risk Management Committee is also reported monthly at regular meetings of the Board of Directors of Bandai Holdings.

Composition of Group Risk Management Committee

A diagram of the Group Risk Management Committee. Domestic and international Group companies report risks to domestic or overseas business management companies as necessary. The contents of the report are shared with the director in charge of risk management, followed by the Group Risk Management Committee, via the office for reception of risk compliance information at Bandai Namco Holdings. Once the committee receives this and issues the necessary directions, they are then communicated to domestic and international Group companies.
Risk and crisis management
Information security

Approach to Information Security

The Bandai Namco Group recognizes that its initiatives for information security represent an important element of the Group’s business execution. We are working to safeguard our information assets while also taking into account changes in the legal and social situations.

We are working to prevent incidents by implementing appropriate information security countermeasures based on the value of our information assets pursuant to the Group Information Security Management Rules compliant with laws, regulations, and other rules. Maintaining and strengthening our information security system is considered a companywide action as part of our daily management and operating activities rather than the responsibility of individual organizations in charge. With this in mind, we strive for continuous improvement.

Group Information Security Management Regulations and Related Guidelines

A diagram presenting an overview of the Group Information Security Management Regulations and the guidelines based on them. Group companies formulate related regulations, guidelines, and employee handbooks based on the Group Information Security Management Regulations. These mainly concern personal information protection and information security.

Implementation System

At Group companies, the President and Representative Director appoints a Chief Information Security Officer (CISO) as the ultimate person responsible for information security.

Bandai Namco Holdings has established the Group Information Security Committee as a dedicated organization for the maintenance and improvement of the information security system across the Group.

Group Information Security System

A diagram showing the Group’s information security system. The Group Information Security Committee is headed by the Chief Information Security Officer of Bandai Namco Holdings, and includes the CSIRT*. The committee issues directions and orders related to information security to Bandai Namco Holdings and its Group companies as necessary. Bandai Namco Holdings and its Group companies report to the committee as appropriate.

*Director responsible for the Digital Technology Management Department

Main Roles of the Group Information Security Committee

  1. Gather and analyze information on the Group’s information security system as well as plan and propose improvements
  2. Review the Group’s rules and regulations on its information security system
  3. Training of the Group’s officers and employees, as well as monitoring and assistance for awareness-raising activities
  4. Monitoring and assistance for the Group’s information security activities
  5. Planning and monitoring of measures to prevent information security incidents
  6. Information-related collaboration inside and outside the Group

Main Roles of Information Security Committees at Group Companies

  1. Each company establishes its own information security system
  2. Each company reviews and implements its own information security measures
  3. Execute Groupwide information security measures and report to the Group Information Security Committee

Main Information Security Activities

  • Group Information Security Committee meetings
  • Targeted email training
  • Incident response training
  • Public web services vulnerability assessment
  • Information security monitoring

Response to Information Security Risks or Crises

In case of an information security-related contingency, the Group CISO will immediately implement necessary countermeasures and respond following the Group Risk Management Rules along with operational rules and guidelines.

Management of Personal Information

Services provided by the Bandai Namco Group may, on occasion, require that we obtain personal information from customers. Bandai Namco Holdings has established and operates a privacy management system to strictly manage important personal information. Similar systems are also in place at Group companies. In addition, the Bandai Namco Group Basic Regulations on Privacy Protection and the privacy regulations of each Group company stipulate the appropriate handling of personal information in accordance with the laws and regulations of each country, such as obtaining only the information necessary to achieve business purposes and minimizing access rights. Group companies have established personal information management ledgers to visualize the handling of personal information in processes from acquisition to deletion.

Example: Personal Information Management System of Bandai Namco Holdings

A diagram providing an overview of the Bandai Namco Group’s privacy protection system. Reporting to The Chief Administrator of Personal Information Protection (CPO), the head of auditing and the Privacy Protection Secretariat oversee the head of personal information management of each department. Under the heads of personal information management managers selected in each department by these heads are responsible for handling practical matters.
Note: Similar structures are in place at Group companies
Name Roles
The Chief Administrator of Personal Information Protection (CPO)
  • The chief officer responsible for the operation of the regulations, etc.
  • Appointing officers in charge of the Personal Information Protection Management Office
Personal Information Protection Management Office
  • Management Office internally managing the regulations, etc.
Audit Administrator
  • The person responsible for auditing the operation of the regulations, etc.
Administrator of Personal Information Protection for Each Department
  • Operating and managing the regulations, etc., in their own department
  • Appointing officers to be in charge of processing personal information in their own department
Department Officers
  • Person in charge of processing personal information

Information Security Training

The Bandai Namco Group educates all employees about the importance of information security in their duties. We also make the Group Information Security Management Rules known to all to ensure information assets are managed and used appropriately. In addition, we provide training on information security to all Group employees in Japan and abroad.

Main Information Security Training

  • E-learning on information security and personal information for employees
  • Information security seminar for persons in charge
  • Information security seminar for employees
Risk and crisis management
Information security