Basic Policy on Implementing Internal Controls

In accordance with the Company Law and related legislation, enacted May 1, 2006 (Company Law, Article 362, Section 4, Item 6 and Section 5; Company Law Enforcement Regulations, Article 100; Government Ordinance on Temporal Measure to Enforce the Company Law, Article 14), I-O DATA established the following basic policy for the overhaul of its internal control system.

1. Systems to ensure that directors and employees conduct their work in accordance with the law and the Articles of Incorporation

(1) To improve enterprise value and gain trust as a member of the community, I-O DATA places compliance with the law, its own Articles of Incorporation and community standards at the heart of its business. As part of this action policy, the Company has instituted the I-O DATA Action Charter and the I-O DATA Code of Conduct, which directors and employees are expected to follow in the course of their duties.
(2) We have established a Compliance Committee, chaired by a director, which deliberates on important compliance issues, provides training and raises awareness to maintain and improve the compliance system.
(3) The Compliance Helpline is a reporting mechanism created to enable quick discovery and response to violations of the law. Reporting to the Compliance Committee Chair, Compliance Secretariat and independent auditors, the Helpline effectively promotes compliance.
(4) The Audit Office reports directly to the president, conducting regular audits on the performance of operations and the status of compliance at each department, and reporting the results to the president and the statutory auditors.

2. Systems to store and manage information on directors’ execution of their duties

The Company stores and manages information on the execution of directors’ duties based on document-handling guidelines and other internal rules.

3. Rules and other systems to manage the risk of losses

(1) The Risk Management Guidelines spell out the basic policy and organizations for managing business risk. Risk management systems are established and organized on this basis, to ensure effective handling of risk.
(2) The Company recognizes a wide variety of types of risk, including market risks, credit risk, quality risk, compliance risk and overseas country risk. For each compliance category, managers are appointed to assess and respond to risk appropriately.
(3) The General Affairs Department has general responsibility for overall risk management, collecting information on risk and implementing risk management as an integral part of internal control. Furthermore, the Department is organized to take rapid crisis-response measures in the event of serious problems.

4．Systems to ensure that directors perform their duties efficiently

(1)To ensure fast decision-making in response to changes in the market environment, I-O DATA introduced a system whereby executive rights and responsibilities are delegated to executive directors.
(2)The Board of Directors meets in principle once a month, to reach decisions on the most vital issues of the Company’s management and assess the performance of duties by directors up to the level of executive director.
(3)The Management Conference meets in principle once a week and consists of directors, statutory auditors, executive directors and department managers. The Conference reports and deliberates on the most important issues confronting the Company at that time.
(4)A system of internal regulations is established to clarify the division of duties and responsibilities among directors, executive directors and employees to ensure the effective and appropriate performance of duties.

5. Systems to ensure a suitable division of duties among the Company and its subsidiaries

(1) Directors and executive directors are appointed to ensure that subsidiaries are managed according to the regulations on management of affiliates and other in-house regulations, and to monitor and supervise the actions of directors in subsidiaries.
(2) Important decisions on the management activities of subsidiaries are reported to the Board of Directors of the Company for approval.
(3) Liaison meetings are held regularly with subsidiaries. These meetings provide a forum for sharing information and views among the Group, ensuring consistency in management policy.
(4) The Company’s Audit Office conducts regular audits of subsidiaries’ operations and internal controls and reports its findings to the president and full-time auditors of I-O DATA.

6. Employees requested to assist auditors in the performance of their duties

Employees may be seconded from the Audit Office to assist auditors in their duties, but in some cases administrative staff may be seconded to provide assistance as necessary.

7. Independence of auditors’ assistants

(1) Items relating to the transfer, evaluation and disciplining of employees seconded to assist auditors in their duties require the approval of the Board of Auditors.
(2) Employees who receive orders from auditors regarding their auditing work may not receive orders regarding those orders from directors.

8. System for reporting of directors and employees to auditors and other systems for reporting to auditors

Employees and directors report and provide information as necessary to each auditor in accordance with the Board of Auditors Guidelines and the Auditors’ Auditing Standards. Also, in the event of the following emergencies, employees and directors must report them to auditors without delay.
1) A financial or legal problem that may significantly affect the Company’s management.
2) A situation that may otherwise significantly damage the Company.

9. Other systems to ensure the effective implementation of audits

(1) Meetings are held, as appropriate, for auditors to exchange views with the president and directors.
(2) The Audit Office confers with auditors annually to devise an auditing plan. The Audit Office and auditors stay in regular contact to enable plentiful opportunities for meetings and exchanges of views on the findings and proposals resulting from internal audits.
(3) The auditors and Audit Office exchange information and stay in regular contact with the account auditors.

top of page