Risk Management

Policy and Commitment

The Shimizu Group works to ensure continuous and stable development of our business by mitigating risks and minimizing potential losses. We achieve this by identifying various risks we face in operations or other business activities, and appropriately managing them. In the Mid-Term Business Plan 〈2024‐2026〉, we have set “refine sustainability management” as one of our goals, and we are seeking to “take risks while properly risk-hedging”.
Risk refers to all factors that hinder us from achieving our business objectives when managing the business of the Shimizu Group from the following perspectives.

  • Factors that may cause direct or indirect economic loss to the Shimizu Group
  • Those that may disrupt or suspend the continuation of the Shimizu Group’s business
  • Those that may harm the Shimizu Group's reputation and damage its brand image

Management System

Taking a PDCA Cycle Approach to Risk Management

Risk Management Structure and Risk Management Process

The Shimizu Group annually executes the below risk management process based on the Risk Management Regulations under the leadership of the Risk Management Committee chaired by the President and strives to further improve and strengthen its risk management structure. In addition, recognizing that the relevant risks and issues are wide-ranging, fluid, and volatile, we add new potential risks to our list as necessary and review our risk management structure, response policies, and others. This risk management structure has been established based on the ISO 31000 framework.

  • Establishing the risk management plan (Plan)

    a. Assessing the risks and creating a risk map:
    We evaluate the potential impact on the business and likelihood of each identified risk materializing, to create a risk map and update it.

    b. Identifying “major risks”:
    Based on the risk map, we identify the risks which pose a very substantial impact on the business and operations of the Shimizu Group as “major risks”.

    c. Selecting the “key items of risk management”:
    From the identified “major risks”, we select the items which require daily monitoring and control as the “key items of risk management” for the Company, and incorporate them in the operation plan of each division.

  • Implementing risk mitigation measures (Do)

    When a certain risk actually occurs and develops into an incident, we report it to the departments/divisions that are responsible for the risk, respond immediately and appropriately, convene the relevant corporate meetings/committees if necessary, and deliberate on and decide response measures and recurrence preventive measures.

  • Monitoring the status of risk management/Taking corrective and improvement measures (Check/Act)

    The Risk Management Committee regularly (twice a year) monitors the status of our risk management with regard to the “key items of risk management” and other risks relevant to various functions of the divisions in the Corporate Headquarters, business divisions, and group companies. The Committee gives instructions on corrective and improvement measures if needed, it strives to respond to newly identified risks, and periodically (twice a year) reports the status of our risk mitigation measures to the Board of Directors.<

Risk Management Structure and Risk Management Process

Risk Management Structure (According to the Risk Management Regulations)

Risk management structure

Evaluate the Potential Impact and Likelihood of Occurrence of Each Identified Risk

The Shimizu Group creates and updates the “risk map” with one axis showing the “potential impact on the business” and the other axis showing the “likelihood of occurrence”, based on the risk assessment done by the relevant departments/divisions.
The “potential impact on the business” is assessed from the viewpoints of harm to humans, property damage, reputational damage, monetary loss, and liabilities. The level of impact on our business and operations in case a certain risk materializes and develops into an incident, is comprehensively evaluated from quantitative and qualitative perspectives.
For the “likelihood of occurrence”, the likelihood of a certain risk actually occurring and developing into an incident is evaluated in these categories: an incident which may occur annually, an incident which may occur once in several years, an incident which may occur once in a decade, and an incident we have never experienced before.
When we evaluate various risks, we refer to the past incidents and seek to assess them considering the worst-case scenario for the Company.

Evaluate the Potential Impact and Likelihood of Occurrence of Each Identified Risk

Information Security

Information Security Policy (Basic Policy)

Shimizu strives to satisfy its clients through quality construction and relevant services and aims to contribute to the sustainable development of the 21st century society. To fulfill these goals, Shimizu recognizes the importance of utilizing information as efficiently and effectively as possible in order to leverage the company’s full range of available resources. In its use of such information, Shimizu, including its Group companies, are committed to maintaining an appropriate standard for information security.

Information Security Guideline
  1. Develop an information security management system that complies with international standards, and continuously maintain and improve upon this system.
  2. For all information under our oversight related to business activities, and all related systems that use this information, we clarify the scope and reasons for protection in order to develop solutions for appropriate information management.
  3. In order to maintain and continuously improve upon information security, we establish a Corporate Meeting to consistently promote and manage information security throughout the entire company.
  4. We work to expand and deepen the understanding and knowledge of information security amongst our employees and affiliates through educational and informative initiatives.
  5. By conducting regular audits and assessments regarding information security, we identify and confirm new and emerging risks, as well as assess external environmental changes, in order to continuously manage these risks.

Management and Protection of Personal Information

We established our Privacy Policy in 2005 and are committed to protecting personal information.

Information Security Initiatives

In accordance with our Information Security Guidelines, we are working to improve our security robustness, including the prevention of information leaks. The details of the revisions are communicated to all relevant parties, and incorporated into the contents of internal training materials.

We are seeking to raise awareness of information security of all our employees, including ensuring that they know how to deal with targeted attack emails. We are also collaborating with business partners for construction projects and continuously working to refine the information security system.

Business Continuity Plan (BCP)

Basic Principles

In recent years, changes in the natural environment such as climate change and global warming have precipitated natural disasters that cannot be responded to with existing practices. We have implemented many measures to counteract various disasters in the past, and have formulated a business continuity plan (BCP) to prepare for the occurrence of critical events of a level which we are unable to respond to with the existing outlines of countermeasures. The plan is revised as needed.
In cases of natural disasters, our mission is to secure the safety of citizens residing in areas affected by the disaster and to preserve the foundation for living and the foundation of society. In our BCP, we focus on promptly preserving our workplace and facilities, supporting the recovery and restoration of the affected areas, and supporting our clients to restart their businesses as quickly as possible.

In order to act promptly under such circumstances, our individual employees must understand their roles and act independently and responsibly. Additionally, we must have a corporate structure which is able to quickly adapt to new situations. In accordance with the points above, our BCP policy is established as below:

BCP Basic Policy
  • Prioritize ensuring and confirming the safety of our employees and their families
  • Strive to preserve our facilities and job sites where construction is in progress
  • Assist recovery work of clients’ facilities (properties constructed by Shimizu)
  • Contribute to ensuring the living foundation for society and community
  • Create a structure that allows workers that are involved in preservation activities to act independently

Identifying Risks and Estimating Potential Damages

Critical events caused by “extremely severe disasters” such as natural disaster and the like which are highly likely to impact our business activities in wide-ranging areas including disruption/suspension of headquarters functions are identified as risks.

Risks Affecting Our Business

Overview of major risks Main mitigation measures/initiatives Likelihood Impact
(1) Risk of ethical and legal violations
The construction industry, which is the main business field of the Group, is subject to various legal regulations, including the Construction Business Act, the Building Standards Act, the Real Estate Brokerage Act, the National Land Use Planning Act, the City Planning Act, the Antimonopoly Act, and various laws related to safety, environment, labor, and harassment. If an illegal act were to take place within the Group, it could affect our business performance and corporate valuation.
We put into practice the Credo, The Analects and the Abacus, and the entire Group works to reinforce ethical awareness and ensure thorough compliance.
(Main initiatives)
  • Establishment of the Corporate Code of Ethics and Conduct
  • Establishment of the rules and internal systems in order to properly respond to various laws and regulations
  • Establishment of the compliance promotion system, including establishment of the Corporate Ethics Committee (chaired by the President), Corporate Ethics Office, Internal Whistleblowing System (contact point for consultation: Corporate Ethics Helpline Office, harassment helpline, external helpline, group company helpline, etc.), and the internal audit system
  • Regular implementation of corporate ethics trainings for senior management (including senior management of the Group companies)
  • Annual implementation of compliance trainings for employees (including e-learning)
  • Establishment of the compliance programs for the Antimonopoly Act and code of conduct, and continuing implementation of measures to prevent recurrence of violations of the Antimonopoly Act
  • Raising of awareness through internal media (internal newsletter, legal news, etc.)
  • The Group companies also implement equivalent activities
Low to Medium Medium to Large
(2) Risk of safety and environmental incidents
Accidents causing injury or death, environmental contamination/defects, violation of environmental laws and regulations during the construction may lead to a large amount of repair costs, construction delay, business restrictions due to criminal or administrative penalty and the like, and are likely to impact our business performance and corporate valuation.
We share the basic principles of “safety first,” “respect for human life,” “prevention of environmental contamination,” and “biodiversity conservation” within the Company, and strive to raise awareness of safety and environment.
(Main initiatives)
  • Establishment of the Safety & Environment Committee
  • Operation of the Construction Occupational Health and Safety Management System (COHSMS), establishment of a Basic Policy for Safety and Health Management, and development of a company-wide Health and Safety Plan
  • Proper operation of the Environmental Management System (EMS), and establishment of the Basic Environmental Policy
  • Feedback on accidents/defects, sharing them across the Company, and implementation of the relevant PDCA cycles
Low to Medium Medium to Large
(3) Risks related to technology and quality
Serious accidents/defects related to technology and quality triggering serious contractual non-conformity may cause large repair costs, construction delays, reputational damage and the like, and are likely to impact our business performance and corporate valuation.
We share our business principles of “customer first” and “quality assurance” within the Company, and strive to further improve quality control.
(Main initiatives)
  • Establishment of the Technology & Quality Committee
  • Establishment of an organization responsible for quality control
  • Proper operation of the Quality Management System (QMS)
  • Feedback on quality defects, sharing them across the Company, and implementation of the relevant PDCA cycles
Low to Medium Medium to Large
(4) Risk of workforce shortage
The skilled workers who are essential for the construction industry are aging. If we fail to secure a generational transition via new recruitment prior to the mass retirement of the baby boomer generation, our production capabilities may be impaired, thereby affecting our business activities and performance.
Through public-private partnerships, we are working to secure and train workers, improve their treatment, and make the construction industry more appealing.
(Main initiatives)
  • Securing of appropriate contract amounts and construction periods
  • Improvement of the wage levels for skilled workers through collaboration with our business partners, and promotion of enrollment in social insurance
  • Promotion of work weeks with two days off
  • Recruitment support for business partners, commendations and special allowances for outstanding skilled workers, and support for training multi-skilled workers
  • Implementing adaptive/retention trainings for skilled workers at the educational and training facility (Shimizu Takumi Training Center)
  • Promotion of women's participation and advancement
  • PR activities to highlight attractiveness of the construction industry
  • Promoting active and fair engagement of international talent
  • Introduction and promotion of the Construction Career Up System (CCUS)
  • Initiatives to improve productivity, including development and adoption of labor-saving methods and construction robots, and utilization of ICT
  • Promoting the use of cost estimates that specify the breakdown of labor, material, and other costs to improve the treatment of skilled workers, in accordance with the Revised Construction Business Act
High Large
(5) Risk of fluctuation in construction material costs and labor rates
If construction material costs and/or labor rates rise significantly beyond expectations after the execution of the contract, and it proves difficult to reflect these increases in the contract price, it may lead to increased construction costs and a deterioration in profitability.
We strive to mitigate risks by conducting rigorous pre-order award screening and clarifying the scope of work when submitting estimates.
When entering into construction contracts, we are committed to ensuring that the terms and conditions include provisions (i.g., escalation clauses) for contract price adjustments based on fluctuations in labor wages and construction material prices.
High Medium
(6) Risks related to changes in the international affairs
Significant changes in the political and economic situations, exchange rates, tax systems, or legal regulations in foreign countries, as well as the occurrence of terrorism, war, or riots; sharp increases in material prices; material shortages or unavailability; and significant rises in labor rates or tightening of the labor supply-demand balance could adversely affect our domestic and international business operations and performance.
In our overseas business development, we carefully select target regions and countries by considering both business opportunities and country risks, while implementing the necessary measures.
In the domestic construction business, we are reviewing our excessive dependence on supply chains in specific countries or regions to achieve risk diversification and optimization.
(Main initiatives)
  • Implementation of anti-terror measures by using consulting services and others
  • Implementation of anti-corruption measures
  • Review on existing supply chains
Low Large
(7) Risks associated with long working hours
The construction industry as a whole is facing chronic labor shortages. Especially during busy periods, there is the risk of long working hours for staff as workload concentrates on specific employees. If such a situation continues, it may not only adversely affect the safety and health of our employees, but may also adversely affect our business operations, including reduced motivation and productivity, and the eventual loss of talent.
To improve our labor management, we have implemented new systems to accurately track working hours and attendance. We also have in place an appropriate structure to take care of employees’ mental health, such as posting sufficient occupational health specialists and holding visiting interviews with staff at project sites. Additionally, in order to avoid excessive workloads, we are working to improve efficiencies and level out workloads through front-loading activities, flexible working arrangements, work sharing and outsourcing, streamline and balance workloads by digitalization, etc., and to ensure appropriate construction schedule. In addition, we regularly examine employee engagement scores, and monitor implemented controls such as records of project site closures and leave utilization status. In this way we seek to accurately grasp the current work environment and improve it further. Medium to High Medium to Large
(8) Risks related to order awards and contracts
If a contract agreement contains extremely strict conditions or ambiguous clauses, we may not be able to secure the intended profits.
We strive to conclude contract agreements on appropriate terms and conditions by closely examining the policies and contract conditions of each project at company-wide corporate meetings, for both domestic and overseas construction business.
In addition, we are sharing the information on the Revised Construction Business Act that mandate contractors to provide the information on relevant risks to employers, and provide guidance on how to respond, and we are ensuring all employees comply with them.
(Main initiatives)
  • Deliberation of receiving order award strategies and policies at company-wide corporate meetings
  • Strengthening the review system for large-scale projects
  • Establishment of a department responsible for managing contract-related risks
Medium to High Medium to Large
(9) Risks associated with construction market trends
If private-sector capital investment declines due to economic downturns in Japan or overseas, or if public investment decreases for reasons such as fiscal consolidation, it may affect the future order award trends.
Every month the Board of Directors reviews the outlook of order awards for the construction business and the potential projects volume, and provides instructions on necessary measures at the Executive Officers’ Meeting, Division Directors’ Meeting, and others.
We set the change of our target revenue structure in SHIMZ VISION 2030, our long-term vision looking ahead to 2030, and we are implementing growth strategies for each line of business according to the Mid-Term Business Plan 〈2024‐2026〉.
Medium Large
(10) Risks related to asset holdings
The Shimizu Group invests in businesses such as real estate development, PFI projects, and renewable energy, while simultaneously executing strategic capital investments, including fixed assets for internal use and digital transformation (DX) initiatives.
Significant changes in the business environment, such as a market downturn, financial market volatility, or rising commodity prices and labor costs, could affect our business performance.
We establish annual investment plans to operate within a risk range that is in line with our corporate strengths. As for individual investments, we invest in a calculated manner including pre-defined exit strategies (investment recovery plans), based on investment criteria. The Board of Directors regularly follows up on the progress of each line of business, investment balance, business portfolio, and market value, and takes measures as necessary. Low Large
(11) Cybersecurity risk
If we were to fall victim to a cyberattack such as a targeted e-mail attack, ransomware, malware attack leading to viral infection, or unauthorized access, it could affect our business operations and corporate reputation due to system outages, suspension of production activities, legal liabilities, financial losses, damage to brand image, and other factors.
We have established the DX Committee to discuss matters related to information security, and take the necessary measures.
(Main initiatives)
  • Regular implementation of targeted e-mail attack drills for employees
  • Vulnerability diagnosis of public servers
  • Constant monitoring of viruses by entrusted third parties
  • Implementation of countermeasures for unknown malware
  • Formulation of the Cyber Business Continuity Plan (BCP) Guidelines
Low Large
(12) Risk of leakage of confidential information
The leakage of confidential information obtained through our business activities may have a negative impact on our business performance and corporate valuation.
By establishing a Privacy Policy and rules/regulations to protect personal information, and appointing a Corporate Personal Information Protection Administrator, we are properly managing personal information and implementing various measures to address information security risks.
(Main initiatives)
  • Periodical review of the Information Security Guidelines
  • Distribution of the Information Security Handbook, and raising of awareness through the use of digital signage
  • Regular implementation of information security e-learning and information security audits
  • Joining the membership of the Nippon CSIRT Association, and adopting an incident response system based on the CSIRT system
  • Conducting information security assessments
Medium Medium to Large
(13) Natural disaster and infectious disease risks
The occurrence of natural disasters, such as earthquakes, tsunamis, wind and flood damage, and volcanic eruptions, as well as global pandemics, could cause direct damage to the Group’s assets and personnel, potentially affecting our business operations. In the event of a large-scale disaster, changes in the business environment, such as shifts in order award trends, the soaring cost of construction materials, and a reduction in energy supply capacity, could affect our business performance.
We established the BCP Committee to continuously review our BCP, determine training plans, and follow up on the status of implementation.
(Main initiatives)
  • Regular implementation of earthquake disaster drills for major earthquakes such as a Tokyo metropolitan area earthquake or a Nankai Trough earthquake
  • Establishment of action protocols for wind and flood damage, implementation of storm and flood training (e-learning) for employees, and implementation of storm and flood drills
  • Establishment of response policies for volcanic disasters, implementation of measures to promote understanding (e-learning, handbooks), and conducting drills simulating a Mount Fuji eruption
  • Development of an information sharing system in times of disasters
  • Securing of emergency power supply, and enhancement of stockpile
  • Development of data center backup systems
Low Large
(14) Climate change risk
If average temperatures were to increase or climate disasters were to become more frequent or intense as physical effects of climate change, it could affect the operations of construction sites which are core to our business.
If regulations become stricter with regard to construction of new buildings, land alterations, use of materials derived from natural resources, and others, in order to shift society to more decarbonized and in harmony with nature, it could reduce the demand for new construction.
Furthermore, developments in systems related to carbon pricing and offset trading aimed at achieving “nature-positive” (nature restoration) goals could affect our business performance.
We have been disclosing financial information based on the Task Force on Climate-related Financial Disclosures (TCFD) Recommendation since 2020, and also based on the Taskforce on Nature-related Financial Disclosures (TNFD) Recommendations since 2024. We have been analyzing risks and opportunities related to climate change and nature and studying response measures. The Sustainability Committee (chaired by the President) deliberates and decides on response measures, and the Board of Directors ensures that they are in line with our business strategies.
(Main initiatives)
  • Switching 100% of the electricity used at new construction sites in Japan to green power
  • To promote the use of timber that respects the environment and human rights, we have set a target to achieve zero usage of uncertified imported plywood for formwork by 2030, and are working in collaboration with our business partners
High Medium
(15) Risks related to creation, revision, or repeal of laws
If new laws and regulations were to be enacted or existing laws were to be revised or repealed due to changes in society or the times, it could affect our business performance and corporate valuation.
To properly respond to establishment of new laws or revision/repeal of existing ones that affect our business activities, we have prepared our own rules and regulations, provide notice through various corporate meetings, company intranet, and other means, and are implementing internal education and training (including e-learning). Medium Large
(16) Risks associated with fluctuations in financial markets
If financial markets become dysfunctional due to deteriorating financial/economic situations in Japan and abroad, it could lead to restricted availability of funds and increase in funding costs.
If the interest rates suddenly go up or there are drastic fluctuations in the exchange markets, it could affect our business performance.
Through timely disclosure of information to our main financial institutions, we seek to secure their understanding of our business, and maintain and further improve close relationships. We also have commitment lines and spot borrowing limits in place in order to secure liquidity in case of an emergency. Low Large
(17) Price fluctuation risk of investment securities
In the event of a significant decline in the fair value of investment securities, our financial results could be adversely affected.
The Board of Directors comprehensively examines the necessity of securities holdings of individual stocks each year, taking into consideration their economic rationality, including the cost and risk of holding them, and potential business development benefits. Following a review of our holdings, we are proceeding with the sale of shares where the rationale for holding has diminished, while carefully maintaining our trust relationships with the clients/business partners. Even in cases where the rationale for holding and economic rationality are recognized, we proceed with negotiations for sale, taking into account our trust relationships with the clients/business partners and market conditions, in order to achieve our target for reducing securities holdings. Low Medium

Key Items of Risk Management for FY2026

Items which require daily control and monitoring are selected from “major risks” as the “key items of risk management”, and they are incorporated in the operation plan of each division. Its management status is regularly monitored.

  1. Risk of ethical and legal violations
  2. Risk of safety and environmental incidents
  3. Risks related to technology and quality
  4. Risks associated with long working hours
  5. Risks related to order awards and contracts
  6. Risk of leakage of confidential information and cybersecurity risk

Recommended content