Company Data

Risk Management Processes（Sensitivity Analysis & Stress Testing）

As written below, we perform sensitivity analysis or stress testing on a group level to analyze the impact of risks.

On financial risks	On exchange and interest rates
On non-financial risks	On changes in water availability or water quality On operational risks On market risks On strategic business risks On compliance risks

The important long-term emerging risks

Information security risks (e.g., new cyberattacks)

Potential business impact of the risk	Leaks of personal and/or sensitive information damage our group's reputation and brand image. In addition, payment of compensation for damages and legal penalties may have a significant impact on our group's business performance and financial condition.
Mitigating actions	Improvements are being made in terms of both technology and management through the establishment of information security policies and the understanding of external threat trends.
	In preparation for cyber attacks, various solutions for prevention, detection, response, and recovery are introduced, and initial response training is conducted in case of an emergency.
	We collect, analyze, and disseminate a wide range of security-related information, including the latest attack methods and incident situations, and conduct communications monitoring, emergency response, research and development, and external collaboration.
	Through extensive cooperation with external security organizations, security-related information is quickly shared, and early detection and early response to information security incidents are realized.
	We have introduced an Electronic Disaster Response (Tanium) system at Group sites in Japan and overseas to detect, respond to, and recover from threats that change with the status of endpoints.
	We are working to improve global security governance by building and operating a uniform security infrastructure globally.

Risks associated with securing human resources

Potential business impact of the risk	Sophisticated IT personnel are one of the most important management capital resources for our group in terms of development and service delivery. A shortage of IT personnel in the future will have a significant impact on customer operations and the lives of general users, and may have a negative impact on our group's business performance and financial condition.
Mitigating actions	In terms of recruitment, we are strengthening the recruitment of personnel who have a background in digital technology or who are capable of promoting global business, and we also are promoting to hire personnel with immediate business capability.
	Our company is promoting the recruitment of human resources through the Advanced Professional System, which employs human resources with outstanding expertise in the digital domain who can immediately contribute to the expansion and driving our business, with compensation commensurate with market value, and we also introduced the Technical Grade System, which provides compensation commensurate with the degree of contribution of expertise.
	We are focusing on the development of professional human resources with a high level of expertise and the ability to respond to changes in the erea, and human resources who can play an active role on a global scale. In order to realize this, in April 2022, Olive One was introduced as a new human resource development platform.
	In addition to establishing a system to promote the autonomous growth of employees, such as the realization of highly specialized treatment, we will promote diversity, equity, and inclusion and improve employee engagement by creating an environment in which employees can flexibly set the time and place to work according to the characteristics of their work.

Security Experts

With information security threats getting more diverse and sophisticated, there are concerns about the shortage of human resources with the information security expertise required.
Against this backdrop, the NTT DATA Group develops security experts and improves their skills actively. As of April 2023, 990 experts, with the “Security Expert Qualification” offered internally by the NTT Group were active in Japan and overseas.

Job Classification	Level
Security management / Security consulting	Security Masters	2	First-rate experts with industry-leading track records and communication capabilities
Security operation	Security principals	7	Specialists in proposing security strategies to managers
Security development	Security professionals	981	Specialists with exceptional experience and judgement