Mitsubishi Electric maintains a multi-dimensional risk management system in which all executive officers participate. Under this system, executive officers are responsible for risk management in their assigned areas of operations. In addition, executive officers exchange information and participate in important management initiatives and decisions through regularly scheduled executive officers' meetings.

Strictly adhering to this management structure and system, the Mitsubishi Electric Group is implementing countermeasures that are intended to detect potential risks at an early stage. In its efforts to minimize business risk and eliminate risks that may have significant social impact, such as those related to corporate ethics and compliance, the environment and product quality, the Group is taking steps toward fulfilling its responsibilities to stakeholders.

The Mitsubishi Electric Group works to quickly discover latent risks in business activities that can impact or potentially impact the environment in a substantial way.

In order to prepare for the event of an accident or emergency, head office divisions, which are responsible for manufacturing facilities, R&D centers, branch offices and affiliates, as well as branch offices, which handle sales operations, have developed detailed risk descriptions and procedure manuals that specify departmental responsibilities. Mitsubishi Electric also anticipates the possibility of accidents, claims, or violations of the law occurring by construction subcontractors or companies working under outsourcing agreements, and informs these outside parties of our risk response procedures, as well as request that they ensure to implement the proper procedures in their respective organizations.

Each of our business sites run tests once a year to determine if the managers in charge are capable of appropriately responding to an emergency. The tests simulate an emergency that has the potential of occurring to determine whether communication channels, the chain of command, movement methods at the site, and reporting procedures function properly. When problems are uncovered, the procedures are revised and the new version is publicized throughout the organization. The tests also serve as drills to help employees become proficient in the proper response procedures.

Protection of Personal Information and Management of Confidential Corporate Information

The Mitsubishi Electric Group has occasions to obtain personal information from customers through questionnaires, registration of purchased products, and after-sales service. At times, we also obtain personal information from people who desire employment in the Mitsubishi Electric Group. To take care in the handling and proper management of this information, we created company rules pertaining to the protection of personal information in October 2001, and strictly require all Mitsubishi Electric personnel (executives, employees, part-time workers, temporary employees, etc.) and affiliated persons to abide by those rules. After announcing our personal information protection policy in April 2004, we established a management system to strengthen our management of personal information, and obtained Japan's "Privacy Mark" certification in January 2008.

We strengthened security management not only for personal information but also for confidential corporate information, which includes information on sales, technical matters and intellectual property. This information is managed through organizational, human, physical and technological security measures. As a part of this effort, in February 2005 we announced the "Declaration of Confidential Corporate Information Security Management" in order to clearly publicize our stance both internally and externally that the company enforces the proper handling of various types of information. For information that has been entrusted to us by other companies, we uphold confidentiality agreements by all means, and we also work to manage and protect such information using the same security measures we use for our own information.

Confidential Corporate Information and Security Measures

PDCA Cycle Applied to Information Security Management

Mitsubishi Electric constantly strives to improve its activities for managing confidential corporate information and to protect personal information through application of a plan-do-check-act, or PDCA, cycle. First of all, we revised internal rules as needed to comply with current laws. In fiscal 2005, we began offering e-learning educational training to all Mitsubishi Electric employees on an ongoing basis, to ensure they are fully aware of the goals of the "Declaration of Confidential Corporate Information Security Management." Furthermore, we have distributed procedures for the management of company secrets and protection of personal information, to firmly establish fundamental conduct in daily business.

In addition, self-audits are conducted at the workplace level along with internal audits by staff from the head office on the status of confidential corporate information and personal information management.

Systems and structures have been established at affiliate companies as well, based on the policies laid out by Mitsubishi Electric and in accordance with the conditions prevailing at each company and location. We intend to improve the quality of management across the entire Mitsubishi Electric Group by building and following PDCA procedures for the protection of Confidential Corporate Information and personal information.

Mitsubishi Electric has a system for responding to accidents and natural disasters in which the Disaster Response Headquarters, Management Response Headquarters and Business Group Response Headquarters work together under General Headquarters, which is headed by the President.

In the event an emergency situation involving an accident or natural disaster arises, we first ensure the safety of people and physical infrastructure, then work to restore operations. The safety of people and physical infrastructure is our utmost priority, so educational activities are conducted by our Health and Safety Committee on a regular basis to ensure prompt action is taken, and general disaster prevention drills are conducted every year that include drills on escape routes and extinguishing initial outbreaks of fire.

In addition, reporting on the impact inside and outside the company follows a set channel, from the business site to the business group's administrative department to the Group president of the business group to the president. A company-wide response is determined and taken while instituting emergency measures at each stage.

Mitsubishi Electric created a disaster response manual in April 1996 to minimize injuries and physical damage and facilitate prompt relief and recovery in the event of a major earthquake. It includes measures in advance and establishes an emergency response measures directly following an earthquake, including setting up a disaster response organization and a code of conduct. Presently we are working on our business continuation plan based on the latest disaster response manual.

We have also established use of a digital Multi Channel Access (MCA) wireless system as an emergency lifeline. In addition, the information communication system and safety confirmation system using cell phone-based email have been introduced and well used in the earthquakes on Japan's Noto Peninsula and in Mie prefecture. We will continue to enforce the operational and hardware aspects in order to attain information efficiently in emergency situations.

Emergency drill