Risk Assessment on Toyota Motor Corporation



Table of Contents

Abstract

Chapter 1: Introduction

1.1: Organizational Profile

1.2: Organizational structure

1.3: Organizational Profile

1.4: Aspects of the company’s computing and network infrastructure

1.5: Background

Chapter 2: Risk Assessment approach

2.1: Risk assessment model

2.2: Risk Assessment

2.2.2: Step 2: Threat Identification

2.2.3: Step 3: Vulnerability Identification

2.2.4: Step 4: Risk Control Analysis

2.2.5: Step 5: Likelihood determination

2.2.6: Step 6: Impact Analysis

2.2.7: Step 7: Risk Determination

Chapter 3: Recommendations on control and mitigation measures

Reference


The Toyota Motor Corporation is one of the largest automobile manufacturing and producing companies in the world. It was founded in 1937 by the Toyoda family, who owned Toyota Industries, which manufactured motor vehicles under the brand name Toyoda. Its logo was designed in 1936 when it became a publicly traded company, and its name changed to Toyota. Today, the company is ranked as one of the world’s most successful companies. It has entered into business mergers with other companies and signed a memorandum of understanding with BMW. Despite its success, the enterprise faces both internal and external risks. Its market is under constant pressure from competition and global economic changes.

Chapter 1: Introduction

Executive Summary

1.1: Organizational Profile

Toyota Motor Corporation is a Japanese company founded in 1937 by Kiichiro Toyoda. The current Chief Executive Officer is Akio Toyoda, who assumed office in 2009, and it is chaired by Takeshi Uchiyamada, who took over in 2013. The company engages in designing, manufacturing, assembling and selling commercial vehicles, vans, cars, parts and accessories in Japan, Europe, Asia and North America. The company headquarters is in Toyota, Aichi, Japan. The company’s current brands include Toyota, Hino, Lexus, and Daihatsu. It is the leading auto manufacturer and the eighth largest company globally.

1.2: Organizational structure

Toyota adopts a divisional organizational structure that went through significant changes in 2013. The new corporate strategy was developed to respond to the safety issues and product recalls that began in 2009 (Gregory, 2015).

Global Hierarchy: despite the reorganization of its structure, the company still maintains its global hierarchy. However, the decision-making power has been increased among the regional heads and the business unit heads. Decision making is now less centralized, but business unit heads still report to the global headquarters in Japan.

Geographic Divisions: Toyota’s organizational structure has eight divisions. Those are Japan, China, Asia and Middle East, East Asia and Oceania, Europe, North America, Africa, Caribbean and Latin America. The head of every region reports to the company’s headquarters. Through these divisions, Toyota has improved its products and services according to the market needs of those areas.

Product-based Divisions: the company has four product categories, namely: Lexus International; Toyota No.1 for operations in North America, Japan, and Europe; Toyota No.2 for all other regions; and the Unit Center, which deals with engines, transmissions, and other activities. This feature in Toyota’s organization supports the development of product lines and brands.

1.3: Organizational Profile

Toyota conducts its business in the automotive industry, and it sells its vehicles in about 190 countries, in addition to offering financial services. Toyota’s top markets include Japan, Europe, Asia and North America. In March 2014, the multinational corporation had 338,875 employees worldwide and 344,109 as of 31 March 2015, and by February 2016 it was declared the 13th largest company by revenue worldwide (“Toyota Global Site | Financial Information,” 2016). The company is also ranked the world’s biggest manufacturer of hybrid electric vehicles, and it encourages mass adoption of these cars in the market globally. The company has experienced recalls frequently, and the most current recall activity saw 10 million vehicles recalled due to problems with pedal/floor mat entrapment in 2009-2010 (“The Contradictions That Drive Toyota’s Success,” 2008). Recalling all those vehicles was not an easy task for the company, and in fact it tainted its reputation: after the recalls its score was at position 139, but it rebounded to 74 in 2012 (Jothi & Kalaivani, 2015). In 2014, Toyota again recalled close to 6.5 million cars due to faults in steering wheels and seats, which forced the company to repair them.

1.4: Aspects of the company’s computing and network infrastructure

Toyota transformed its information systems from an “order-taker role” to “next generation demand management” strategies so as to meet all its corporate needs (“TOYOTA MOTOR CORPORATION GLOBAL WEBSITE | 75 Years of TOYOTA | Personnel Matters | Information Systems”, 2016). The New JIT management strategy has also been incorporated into the company, and it has proved successful. New JIT is a system that consists of a hardware system found in TMS, TDS and TPS and a software system known as TQM-S that allows for precise TQM application (Minter, 2014). Lean production has also been part of the company’s corporate strategy. The aim of lean production is to assist clients with internal efficiencies, hence helping to maintain margins. The procedure provides ways for efficient leadership so as to reduce cost while at the same time improving the IT process and performance (Minter, 2014).

Risks in Toyota Corporation

Our risk assessment covers Toyota’s information management systems, since that is where the company stores its company information, customer and employee details and the technology sales. The company views this information as an asset, and it invests a lot of effort and money to safeguard it. Even with secure protection systems, the company information is still at high risk of being hacked. The company also uses its website for online marketing and for sales of its automobiles, accessories, parts and other commodities. The risk assessment is relevant to the Toyota Corporation and to any other company that needs to find sustainable strategies for securing its information systems.


Company: Toyota Motor Corporation

Company Headquarters: Toyota, Aichi, Japan.

Regions present: Japan, Europe, Asia and North America

Organizational Structure: Divisional organizational structure

President: Akira Onishi

Chairperson: Tetsuro Toyoda

Company Estimated Worth: $177 Billion (Forbes.com, 2016)

Main Brands: Toyota, Hino, Lexus, and Daihatsu

Company Website: http://www.toyota.com/

Chapter 2: Risk Assessment approach

2.1: Risk assessment model

The model adopted in carrying out the risk assessment was in line with the method described by the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-30, Risk Management Guide for Information Technology.

2.2: Risk Assessment

The primary objective of risk assessments is to develop a sound strategy for detection and analysis of threats to any system. It is a system that enables a company to establish not only a sound security program but also a risk detection and response strategy. The extent to which the company plans to respond to a risk associated with the institution’s systems and networks depends on its ability to detect its occurrence.

Risk Assessment Participants


System Owner: Bobby Cooper

Security Administrator: Alexandra Mercy

Database Administrator: Joe Dewey

Network Manager: Diana Salvador

Risk Assessment Team: Vivian Jean, Oscar Anderson, West Bonny, Sylvia Houston

2.2.1: Step 1: System Characterization

Toyota’s operations depend solely on the Toyota Production System (TPS) information technology, which helps it with waste elimination, continuous production improvements and operating with virtually no inventory (Minter, 2014). The primary driver of business in Toyota is TPS, and not IT, but IT is essential to supporting, enabling and driving the mass-scale processes that are derived from TPS adherence. Toyota has refined two TPS pillars together with other concepts and production methods that support them. The two components are enabled and supported by information system processes. These processes include:

  • Just-in-time, which assists in supply chains.

  • Jidoka, which is used in controlling production to allow correction of defects in vehicles.

  • Kaizen, a system that ensures that there is continual improvement within the system.

  • Andon, which is used to convey the state of work at any stage using overhead displays, electronic dashboards and plasma screens, among others.

  • Poka Yoke, a system that detects defects or forgotten items within the production line.

  • Genchi Genbutsu, a group of information system teams that are stationed on site to work with the operations directly. They respond quickly when there is a problem.

Information gathering technique

The information collected to perform this risk assessment was mostly sourced from the internet. The research data were collected from corporate organizations such as NIST, journals, periodicals, magazines and other relevant articles.

Toyota uses proprietary applications to run its manufacturing operations and technology from outside vendors to manage its business. The company’s preference is to standardize its technology so as to eliminate waste.

Table 2.2.1.1: System-Related Information

| Data for ERP | Oracle 9i |  |

|  | Siebel for automotive |  |

| Business Intelligence | SAS Business Intelligence |  |

| Business Intelligence | Hyperion Intelligence | Hyperion Solution |

| Business Intelligence | PowerPlay, Impromptu |  |

| Application integration | Tibco BusinessWorks | Tibco Software |

| Service-oriented architecture |  | BEA Systems |

| Parts and accessories forecasting | Demand Planner | i2 Technologies |

| Plant monitoring system | Activplant Performance Management System |  |

| Plant scheduling system | Assembly Line Control Systems | Toyota proprietary |

| Dealer Daily vehicle ordering system | SQL Server 2000 Enterprise Edition |  |

| Dealer Daily hardware | Dell 2450, 6450, 8450 server |  |

| Desktop and server applications | Office suite, Windows Server System |  |

|  | Norton, Trend Micro | Symantec, Trend Micro |

| Mobile messaging | Blackberry Enterprise Server | Research In Motion |

| Dealership terminals | Citrix WinFrame and MetaFrame | Citrix System |

Adapted from: http://www.shmula.com/information-technology-at-toyota/205/

Data used by the system

Toyota utilizes data in the Toyota Production System, Warehouse Management System and Learning Management Systems

Table 2.2.1.2: Data Utilized in Toyota



Warehouse Management System


  • Controlling movement and storage of materials within the warehouse

  • Process associated transactions that include shipping, receiving, picking and putting away

  • Direct and optimize stock put away based on status of bin utilization

  • Logistics management

Toyota Production System


  • Production

  • Detection of defects

  • Machine monitoring

  • Monitoring production

  • Supply chain management

  • Management of waste

  • Prevention of defects and errors

Learning management system


  • Exchange of knowledge within the company

  • Monitoring and increase of revenue, and productivity

  • Management and distribution of proprietary content

  • Training

  • Administration

  • Production, Updating, and content sharing


Toyota Motor Corporation data and information are accessed and used by various individuals. Information is made available to ensure that the customers, the employees and management are updated on different aspects of production, supply and market trends of their business.

Table 2.2.1.3: Information Users

|  | Access the Toyota system via web browser. They log in to their website to book, follow up, pay, report defects and inquire about their automobile purchases |

| Operations, supply and management IT personnel | Manage the entire information system including networks and firewalls. They also maintain the security configuration of the system, monitor its operations and respond to any operational failures |

| Toyota management personnel | Utilize data contained in the database for leadership reporting and the generation of reports or queries about production, supply or security systems. |

|  | Follow up production and supply chains for the products. They also access the customer needs and various training. They also monitor business transactions and make audit reports for the company. |

Information flow diagram

The diagram below shows information systems utilization at Toyota Motor Corporation

Figure 1.1: Information system at Toyota, adapted from: http://www.1tech.eu/clients/casestudy_toyota3

2.2.2: Step 2: Threat Identification

Threats are any possible events or circumstances that can cause harm to information systems. The table below gives an outline of the potential risk sources to Toyota, the motivation and the threat actions for identification. Motivation is the driving force for taking a risk action. The threat action is the measure taken to address the threat source.

motivation and actions



Threat Actions


  • Reputation

  • Self-worth

  • Peer influence

  • Personal gain

  • Unauthorized access

  • Cyber intrusion crimes

Fire/Water/chemical Damage

  • Accidental Loss

  • Damage to equipment

  • Damage information records and data

Organized Crime

  • Money

  • Data Destruction

  • Ill intentions for the company

  • Revenge

  • Unauthorized access

  • Cyber intrusion crimes


  • Human Error

  • Negligence and Apathy

  • Work overload

  • Unauthorized access

  • Destruction of data

  • Destruction of IS equipment

Natural disasters such as flood and earthquakes

  • Damage to the entire system and company

2.2.3: Step 3: Vulnerability Identification

Vulnerability source: there are various sources of vulnerabilities for the Toyota IS. Though the system is mostly internal, its vulnerabilities could also originate from the outside, including natural disasters.

and threats

|  |  | Threat Action |

|  | Hackers, Organized Crime, and other Unauthorized Users | Buffer overflows, web defacement and backdoors |

|  | Hackers, Organized Crime, and other Unauthorized Users | Unauthorized access to sensitive company and customer data. |

| Server Configuration / Operating Systems | Hackers, Organized Crime, and other Unauthorized Users | Unauthorized access, theft, modification, or destruction of data. Designing and sending virus, worm and Trojan horse infections. |

|  | Hackers, terminated and current employees, criminals | Port scan for unused services and exploit open unsecured ports. |

|  | Hackers, Organized Crime | Web Page Spoofing, IP Spoofing, SYN Flood, Smurf |

| Human Threat | Employees, contracted support personnel, terminated personnel | Unauthorized access, modification, or destruction of data. Inadvertent errors. Damage to IS equipment. |

| Natural disaster | Damage to the entire systems and company |


These are web-based applications, which are a major source of vulnerabilities to any information system because they allow any user to access company information. An unauthorized party can use web applications to access private and confidential information, misuse information, commit fraud or interrupt business. Web applications contain scripts that interact with the user. They consist of web pages, application servers, and databases. Due to advancements in IT, web applications have grown into universal conduits. The internet allows people to access information quickly at any geographical location, hence increasing the vulnerabilities and security risks. Companies like Toyota invest a lot of resources to implement strong security measures and mitigate any risk that can affect the company.

Databases: Database security is essential for any business, but they do not respond to threats and vulnerabilities until it is too late. Some of the security issues facing databases include lack of established security roles and responsibilities, weak user account settings, unused database features, and inadequate audit trails.

Server configurations/operating systems

Toyota applies several applications to run its operations, given the complexity of the tasks they perform and since most of its activities are automated. These operating systems have chains of vulnerabilities since they are used for running applications within the IS. They are used by many users, and therefore system hacking and access to unauthorized information can occur at any point (Lee, Salinger, & Chen, 2012). Linux and IBM systems are robust and difficult to configure, allowing remote controls from external attacks.

Interconnections: they are used in information sharing between different servers. They become vulnerable to attacks when secure connections between servers are not established, granting unauthorized personnel easy access to information.

Protocols: routing portals can be attacked at any point and hence are vulnerable to attacks, affecting transport subsystems. Messages that control the unauthorized personnel can attack information flow.

System security testing

Various tests will be performed on Toyota’s information systems, including the TPS, warehouse systems, and learning systems (Lee, Salinger, & Chen, 2012). Review of security controls will be performed on web servers, databases, interconnections, DNS, firewall systems, OS and password syntaxes.

Japan is vulnerable to a series of natural disasters, such as earthquakes and storms, that cause flooding and destruction of property. Toyota is not an exception. When Japan last faced a natural disaster, the company had to stop its operations. The most vulnerable component of the company is the IS. The company is working on efforts to develop an effective disaster preparedness and response strategy.

The table below shows the checklist for Toyota IS vulnerabilities

Assessment checklist

Security Area

Security Criteria


Management Security

Assignment of roles and responsibilities

Incident response ability

Periodic security control audits

Risk assessment strategies

Trainings on information security and threat detection

Development of effective policies and controls

Operational Security

Environmental controls such as chemicals, hot water discharge, solid waste controls, air quality controls

Electrical power controls

Fire controls

Chemical controls through MSDSs

Facility protection

Temperature control

Technical Security

Communications controls (e.g. system interconnections, routers)

Intrusion detection

Discretionary access control


Threats and vulnerabilities analysis

Information and data classification

Identification and authentication of data and information

System audit

2.2.4: Step 4: Risk Control Analysis

It is important for any company to develop efficient and effective IS security systems to prevent cyber intrusions, hence ensuring that the information of the company is always safe. Adequate information security ensures that the corporation’s assets, business and the welfare of individuals are protected. The implications of cyber intrusions on these resources are far-reaching and a risk to the company. Appropriate technical, managerial and environmental factors must be put in place to ensure the protection of these utilities.

Toyota needs to consider several controls to ensure that the IS are secure.

Control methods: they target reduction of risks in system management and design, improved risk management strategies, neutralization of risks through diversification and detainment of risks.

Intrusion detection tools will be applied in risk and vulnerability detection within Toyota’s TPS, Warehouse Management and Learning Systems. These Intrusion Detection Systems will detect malware, intrusions, and other vulnerabilities within and outside the company. It should be noted that Toyota operates within different regions and the risk of information interference or accidental loss is high.

2.2.5: Step 5: Likelihood determination

The risk matrix below will be used in determination of the likelihood of risk occurrence in Toyota Corporation

determinations




|  | Low (10) | Medium (50) | High (100) |

| High (1.0) | Medium = 10 | High = 50 | High = 100 |

| Medium (0.5) | Low = 5 | Medium = 25 | High = 50 |

| Low (0.1) |  | Low = 5 | Medium = 10 |

It should be noted that the matrix gives a combination of the likelihood and impact, but it is a universal table that can be manipulated based on one’s experience.

1.0: the source of threat is highly motivated and capable of intrusions. The control systems in place are weak and ineffective against threats.

0.5: the threat is probable, and there is significant motivation and capability. The systems in place have the ability to prevent the occurrence.

0.1: the threat is negligible due to lack of capability. The controls in place are robust, and they impede threats significantly.

2.2.6: Step 6: Impact Analysis

(High) 100: Loss of company integrity, confidentiality (Catastrophic)

The company is paralyzed

Destruction of assets

Financial loss

Severe harm to individuals

Lack of mitigation measures

(Medium) 50: Loss of company integrity, confidentiality (severe)

Degradation of its mission, goals and objectives

Effectiveness of functions significantly reduced

Significant damage to assets

Significant financial loss

Significant harm to individuals - no loss of life nor life-threatening injuries

Controls are in place to mitigate

(Low) 10: Loss of company integrity, confidentiality (limited adverse effects)

Degradation of mission but company can perform primary functions

Minor damage to organizational assets

Minor financial loss

Minor harm to individuals

2.2.7: Step 7: Risk Determination

The risk level of IS intrusion, damage or destruction within Toyota Motor Corporation

determination matrix

Low (<10)

Medium (<50)

High (>50-100)

Risk Level

Applications = 0.1

Databases = 0.5

Server Configuration / Operating Systems = 1.0

Interconnections = 0.1

Protocols = 0.1

Natural disasters = 1.0

Assessment of likelihood of occurrence of intrusions within the Toyota IS.

of likelihood occurrence


Likelihood Level





Server Configuration / Operating Systems






Natural Disasters


Chapter 3: Recommendations on control and mitigation measures

From the analysis of Toyota Corporation, the likelihood of occurrence of threats and vulnerabilities is very low, except for the operating systems and natural disasters. It should be noted that Toyota has invested a lot of its resources in developing robust security systems that offer adequate protection to its information systems. It should also be pointed out that Toyota has mainly internalized the IS for production, warehouse management, and learning. They allow the external environment only limited access to company information. Its data management strategies are also very effective since they manage information at every stage of the production, supply and marketing systems.

Since information technologies are evolving every day, Toyota also has to move with them to ensure that it maintains quality and fast services to its clients. It has to update its information systems regularly, and this comes with vulnerabilities. Some of the proposed recommendation strategies include:

Applications: the company should ensure that it updates its intrusion detection systems such as antiviruses, does regular encryption of its servers and ensures that data backup is done frequently, since the company operations are massive and data flow is enormous, and forgetting to back it up is common.

Databases can be controlled by ensuring that there is restricted database access, well-established server security, and encrypted database connections (Minter, 2014). Toyota’s database is enormous, and these measures should be strictly implemented to prevent intrusions. Database configuration should also be done should be connected to the external server though it is not recommended for it slows down its performance. Warranted updates should be done to the database regularly.

Operating Systems: Toyota applies several operating systems to manage its systems since most of its operations are automated. Automated systems are highly vulnerable to threats (Lee, Salinger, & Chen, 2012). Hence it is recommended that the operating systems installed be highly secured through restriction of access, and that the systems be guaranteed with administrator lock accounts. To minimize human errors, employees should receive adequate training on the operation of these operating systems, since they have very complicated commands.

Interconnections: the company should utilize the current Intrusion Detection Systems to detect any attacks and anomalies that could be linked to the interconnections. Protocols can be secured by designing Internet Protocol Security systems that are unique to the needs of the company.

Natural Disasters: the company is developing a strategic framework to respond to future disasters that can affect the company. It is recommended that the developed strategy be comprehensive and sustainable for the business in addressing any natural disasters that can occur. It should contain a framework for addressing how information and the TPS systems should be secured in the company.

3.1: Risk Assessment for Toyota Motor Corporation

Item #


Threat Source/ Vulnerability

Existing Controls



Risk Rating

Recommended Controls


Irregular system Updates

Inadequate Backup

Loss of company data


Device Identifiers

Cookies/ Pixel Tags




Regular updates and regular backup


Data extraction from the interconnections

Hackers and Criminals and unauthorized personnel

Use of Intrusion Detection Systems




Update Intrusion Detection Systems


Application of many application systems

Human Error

Training of personnel




Ensure regular training of personnel whenever updates are done.


Disaster management plan is being developed


Disaster Recovery

Ongoing planning of effective disaster preparedness and response strategy.

The old strategy is still being utilized




Develop an effective and sustainable disaster recovery plan


Toyota has developed an efficient IS management strategy that is robust and effective in its operations, since most of its activities are automated. The company is multinational and therefore vulnerable to threats, but its strategies for addressing information management challenges are very robust and efficient. The likelihood of threat or vulnerability occurrence in the company is low. Its TPS is very active, and its security policies and procedures are well implemented. Intensive training of staff is done in the corporation to minimize potential vulnerabilities. The company also complies with the Occupational Safety and Health Act to prevent the occurrence of risks such as chemical spillage, fires and other accidents that can affect the IS.


Gregory, L. (2015). Toyota’s Organizational Structure: An Analysis - Panmore Institute. Panmore Institute. Retrieved 29 September 2016, from http://panmore.com/toyota-organizational-structure-analysis

Jothi, K., & Kalaivani, P. (2015). A Study on Financial Performance of Honda and Toyota Automobile Company a Comparative Analysis. Journal of Progressive Research in Social Sciences, 2(1), 33-35.

Lee, J. W., Salinger, J. A., & Chen, X. (2012). U.S. Patent No. 8,244,408. Washington, DC: U.S. Patent and Trademark Office.

Minter, S. (2014). Toyota’s Success with Integrating Technology with Lean Manufacturing. Industryweek.com. Retrieved 29 September 2016, from http://www.industryweek.com/iw-best-plants/toyotas-success-integrating-technology-lean-manufacturing

The Contradictions That Drive Toyota’s Success. (2008). Harvard Business Review. Retrieved 29 September 2016, from https://hbr.org/2008/06/the-contradictions-that-drive-toyotas-success

Thompson, A. (2015). Toyota External Analysis: Opportunities & Threats – Panmore Institute. Panmore Institute. Retrieved 29 September 2016, from http://panmore.com/toyota-external-analysis-opportunities-threats

Toyota Global Site | Financial Information. (2016). www.toyota.co.jp. Retrieved 29 September 2016, from http://www.toyota-global.com/sustainability/csr/financial/

TOYOTA MOTOR CORPORATION GLOBAL WEBSITE | 75 Years of TOYOTA | Personnel Matters | Information Systems. (2016). Toyota-global.com. Retrieved 29 September 2016, from http://www.toyota-global.com/company/history_of_toyota/75years/data/company_information/personnel/information_systems/basic_information_systems.html