Governance of the JTB Group
The JTB Group realizes sound and sustainable management.
＊Most of the sites are in Japanese, but some are in English and are marked as (English).
Our Group strives to enhance corporate governance, including the strengthening of management oversight and supervisory functions and the establishment of corporate ethics, with the aim of achieving sustainable growth and enhancing corporate value.
Development and Implementation of Internal Control Systems
We have established the "Basic Policy for Establishment of Internal Control System" and are making efforts to ensure the appropriateness of business operations in accordance with the policy.
Building Relationships of Trust with Society
The JTB Group has established the JTB Group Code of Conduct, in which all employees act with an emphasis on fairness.
In practicing our The JTB Way, we are committed to acting with respect for fairness and building relations of confidence with society.
Specifically, do the following:
- 1．We will comply with laws, regulations, and social norms, and strive for fair and transparent corporate activities.
- 2．We will conduct fair business transactions from the customer's point of view.
- 3．Deepen cooperation with business partners in a fair and impartial manner.
- 4．We will compete fairly with our competitors.
- 5．We will meet the expectations of our stakeholders (customers, shareholders, employees, society, business partners, etc.) by disclosing information in a prompt, accurate, and fair manner and by enhancing the value we provide.
- 6．As a good corporate citizen, we will contribute to the sustainable development of society and the preservation of the global environment.
- 7．As an autonomous employee, we will take responsible actions and contribute to society.
- 8．We will place diversity at the heart of our corporate culture, respect diverse values, and become an innovative company.
Identifies risks, analyzes, evaluates, and prioritizes them, and formulates preventive measures and countermeasures. The risk management cycle is recycled through repeated evaluations and improvements.
Risk Management System
Under the leadership of our Internal Control Committee, we have established a system for comprehensively grasping the Group's risks and comprehensively managing the risks of all organizations, and are continuously promoting risk management.
Risk Management System
In the event that a risk materializes and a crisis occurs in our group, we will establish an accident response headquarters as an organization to oversee the crisis management system, implement prompt and appropriate crisis responses, and minimize the impact on our management and stakeholders.
In accordance with the Information Security Regulations, we have established a management system with the chief information security officer (CISO) as the chief executive. We also regularly review our information security regulations in response to changes in the business environment.
Protection of Personal Information
In accordance with the Law Concerning the Protection of Personal Information, the Information Security Regulations, and the Personal Information Protection Management System Principles, we will handle and protect the personal information of customers as follows.
EU General Data Protection Regulations (GDPR) Compliance
We have established a system to comply with GDPR by appointing a data-protection manager and carrying out the following activities.
- 1． Monitoring GDPR Compliance
- 2． Advice on necessity of data protection impact assessment and monitoring of implementation status
- 3． Cooperation with the European regulatory authorities and activities as a contact point, irrespective of whether in normal times or in the event of an accident
- 4． GDPR response prioritization and response instructions for systems and workflows
- 5． Instructions for keeping personal information handling records and monitoring the status of records
With regard to IT security, we believe that we are a corporate social responsibility. We maintain security that maintains the confidentiality, integrity, and availability of information assets handled by our group, and promote the protection of information assets and appropriate safety measures.