Corporate Obligations and ResponsibilitiesFortifying Internal Control

In accordance with the Basic Policy for Internal Control, the Company has created the Internal Audit Office as a division to “continuously evaluate and carry out improvement activities for the entire company on the efficiency and effectiveness of the execution of business duties” of the “corporate group consisting of Yahoo Japan Corporation, its parent companies and subsidiary companies.” The Internal Audit Office is in charge of audit functions for assurance and consulting services, SOX evaluation and incident management.

Audit Functions

Auditing is performed on all aspects of business, including subsidiary companies, from a third-party standpoint within the company to reduce obstacles for achieving management strategy goals by assessing the appropriateness of the management of the companies’ operations, and the appropriateness and risks of service operations.

In view of changes such as the business expansion of the entire Yahoo Japan Group as well as the rise in expectations from society, we prioritize more critical auditing areas, themes, and target departments while we pursue a variety of internal audits, including audits on business, system, departments/services and Group companies, based on the risk approach.

SOX Assessments

In response to the enforcement of the Japanese version of the SOX Act (J-SOX Act), we have created a dedicated team to make continuous improvements in line with the “Standards and Practice Standards for Management Assessment and Audit concerning Internal Control Over Financial Reporting”. In particular, in the IT control for information systems, we provide and improve management systems for both overall control and work process control.

Incident Management Activities

We pursue activities to effectively visualize and prevent the recurrence of service flaws and incidents, which not only cause trouble to users but also directly and indirectly hinder the achievement of management strategy goals through the decline in trust and competitiveness. Furthermore, we are making efforts in identifying work-related incidents to reduce business risks caused by violation of laws and regulations and deviation from rules, and to improve training and control.