Fortifying Internal Control
In accordance with the Basic Policy for Internal Control, the Z Holdings Group has created the Internal Audit Division as a division to “continuously evaluate and carry out improvement activities for the entire company on the efficiency and effectiveness of the execution of business duties” of the “corporate group consisting of Z Holdings Corporation, its parent companies and subsidiary companies.” The Internal Audit Division is in charge of audit functions for assurance and consulting services, SOX evaluation and incident management.
Audit is performed on all aspects of business, including subsidiary companies, from a third-party standpoint within the company to reduce obstacles for achieving management strategy goals by assessing the appropriateness of the management of the companies’ operations, and the appropriateness and risks of service operations.
In view of changes such as the business expansion of the entire Z Holdings Group as well as the rise in expectations from society, we prioritize more critical auditing areas, themes, and target departments while we pursue a variety of internal audits, including audits on business, system, departments/services and Group companies, based on the risk approach.
In response to the enforcement of the Japanese version of the SOX Act (J-SOX Act), we have created a dedicated team to make continuous improvements in line with the “Standards and Practice Standards for Management Assessment and Audit concerning Internal Control Over Financial Reporting”. In particular, in the IT control for information systems, we provide and improve management systems for both overall control and work process control.
Incident Management Activities
We pursue activities to effectively visualize and prevent the recurrence of service flaws and incidents, which not only cause trouble to users but also directly and indirectly hinder the achievement of management strategy goals through the decline in trust and competitiveness. Furthermore, we are making efforts in identifying work-related incidents to reduce business risks caused by violation of laws and regulations and deviation from rules, and to improve training and control.