v3.26.1
Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Mar. 31, 2026
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Risk Management and Strategy
In order to strengthen cybersecurity governance in response to the full-scale advancement of software defined vehicles, as well as to address digitalization and the evolution of connected technologies, Honda has established an enterprise-wide cybersecurity risk management framework and related processes that integrate both product security (the security of Honda’s products, including automobiles, motorcycles, and power products) and IT security (the security of the IT infrastructure that supports Honda’s business operations and various services, including connected vehicle services), designed to proactively minimize adverse impacts on Honda’s business operations, results of operations, and brand reputation arising from cybersecurity incidents. These frameworks and processes are based on internationally recognized standards such as ISO/IEC 27001 and are intended to provide a robust operating structure that bridges product development, production, market services, quality assurance, and IT functions.
 
To protect its information systems, proprietary intellectual property, and sensitive customer data, Honda has implemented multi-layered security measures and technical controls across both hardware and software environments. In addition, Honda’s automotive engineering processes and vehicle architectures comply with key industry regulations and international standards, including United Nations Regulation No. 155 and ISO/SAE 21434, an international standard for automotive cybersecurity engineering.
With respect to cybersecurity-related laws, Honda continuously monitors regulatory trends and legislative developments across jurisdictions. Honda has also developed internal policies and procedures based on such laws and regulations, established detailed incident response playbooks, and continuously verifies and strengthens its defense mechanisms through internal cybersecurity exercises, as well as penetration testing conducted by external experts. Furthermore, recognizing the importance of collective defense, Honda actively participates in cross-industry threat intelligence sharing networks, including the Automotive Information Sharing and Analysis Center and the Japan Computer Security Incident Response Team Association, to proactively detect, analyze, and mitigate emerging cybersecurity threats, zero-day vulnerabilities, and malicious activities targeting automobiles and corporate IT infrastructure.
Honda has also implemented solutions designed to enable the detection and isolation of compromised networks and endpoints in order to protect its IT infrastructure. To further strengthen these defense activities, Honda has entered into strategic outsourcing arrangements with external security consulting firms and cybersecurity experts to receive ongoing operational support.
In order to prevent vulnerabilities within the supply chain from being exploited, Honda’s third-party risk management process requires risk-based assessments prior to the introduction and deployment of third-party packaged software and cloud computing services. High-risk vendors and critical suppliers are subject to stringent cybersecurity evaluations. In response to the increasing threat of cyberattacks targeting manufacturing sites and extensive supply chain networks, Honda continuously verifies the status of cybersecurity measures at domestic and overseas production facilities and key suppliers. Based on these verification results, Honda takes proactive measures to enhance supply chain resilience, including supporting suppliers in the implementation of advanced cybersecurity incident management solutions and network monitoring capabilities.
In the event of a material security incident or cyberattack that could have a significant impact on Honda’s business operations, Honda promptly establishes a Global Crisis Management Headquarters under the direct supervision and monitoring of the Risk Management Officer. The supervisory divisions responsible for cybersecurity risks play a central role from an enterprise-wide perspective in rapidly identifying operational impacts, containing threats, and implementing decisive mitigation measures in order to minimize business disruption and facilitate prompt recovery. These comprehensive cybersecurity processes are integrated into Honda’s enterprise-wide risk management system and are discussed in further detail in the “Governance” section below.
For a detailed description of information security-related risks, including cybersecurity risks identified by Honda as of the filing date of this Annual Report, please refer to Item 3. “Key Information—D. Risk Factors—Information Security Risks.”
Honda has been the target of cyberattacks in the past; however, for the past three fiscal years, including the fiscal year covered by this Annual Report, Honda has not identified any risks arising from cybersecurity threats that have materially affected, or are reasonably likely to materially affect, Honda’s business strategy, results of operations, or financial condition.
 
Governance
Based on a resolution of the Board of Directors, Honda has appointed a Senior Managing Executive Officer, who also serves as Head of the Automobile Business Operations as the Risk Management Officer. The Risk Management Officer monitors and supervises the management of significant risks, including cybersecurity risks.
Honda has established a Risk Management Committee, chaired by the Risk Management Officer and also including one Managing Executive Officer and one Executive Officer, to deliberate on important matters related to risk management, including cybersecurity risks. Honda has also established the Honda Global Risk Management Policy, which sets forth the basic principles of risk management, the collection of risk-related information, and response frameworks in the event risks materialize.
In accordance with the Honda Global Risk Management Policy, Honda has designated supervisory divisions responsible for cybersecurity risk, which conduct risk assessments and report the status of cybersecurity risk mitigation efforts to the Risk Management Officer through the Risk Management Committee on a regular basis (twice annually). These designated cybersecurity supervisory divisions are established across both the Quality Innovation Operations and the Corporate Strategy Operations. These divisions comprise personnel with expertise and practical experience in information technology operations, enterprise security architecture, systems auditing, and automotive product security.
The Risk Management Officer possesses broad knowledge and experience in enterprise risk management and, supported by specialized technical expertise and periodic reporting from the cybersecurity supervisory divisions, effectively monitors, evaluates, and oversees Honda’s management of evolving cybersecurity threats. The status of such oversight is reported regularly to the Audit Committee (twice annually) and to the Board of Directors and the Executive Council (once annually).
In the event of a material cybersecurity incident, the cybersecurity supervisory divisions promptly report the occurrence and initial impact assessment to the Risk Management Officer through the Risk Management Committee. Upon receiving such a report, the Risk Management Officer establishes a Global Crisis Management Headquarters, which coordinates with affected organizations to prevent escalation and bring the incident under control. The status of response efforts is promptly escalated and reported to the Board of Directors, the Executive Council, and the Audit Committee based on the judgment of the Risk Management Officer. The Executive Council reviews and discusses the Risk Management Committee reports and provides general guidance on the cybersecurity related activities as necessary. The audit committee independently reports its findings related to cybersecurity risks as part of its overall report on Honda’s internal control systems. The Board of Directors monitors and reviews these reports in connection with its overall assessments of Honda’s enterprise-wide risks.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
In order to strengthen cybersecurity governance in response to the full-scale advancement of software defined vehicles, as well as to address digitalization and the evolution of connected technologies, Honda has established an enterprise-wide cybersecurity risk management framework and related processes that integrate both product security (the security of Honda’s products, including automobiles, motorcycles, and power products) and IT security (the security of the IT infrastructure that supports Honda’s business operations and various services, including connected vehicle services), designed to proactively minimize adverse impacts on Honda’s business operations, results of operations, and brand reputation arising from cybersecurity incidents. These frameworks and processes are based on internationally recognized standards such as ISO/IEC 27001 and are intended to provide a robust operating structure that bridges product development, production, market services, quality assurance, and IT functions.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]
Honda has been the target of cyberattacks in the past; however, for the past three fiscal years, including the fiscal year covered by this Annual Report, Honda has not identified any risks arising from cybersecurity threats that have materially affected, or are reasonably likely to materially affect, Honda’s business strategy, results of operations, or financial condition.
 
Cybersecurity Risk Board of Directors Oversight [Text Block]
Based on a resolution of the Board of Directors, Honda has appointed a Senior Managing Executive Officer, who also serves as Head of the Automobile Business Operations as the Risk Management Officer. The Risk Management Officer monitors and supervises the management of significant risks, including cybersecurity risks.
Honda has established a Risk Management Committee, chaired by the Risk Management Officer and also including one Managing Executive Officer and one Executive Officer, to deliberate on important matters related to risk management, including cybersecurity risks. Honda has also established the Honda Global Risk Management Policy, which sets forth the basic principles of risk management, the collection of risk-related information, and response frameworks in the event risks materialize.
In accordance with the Honda Global Risk Management Policy, Honda has designated supervisory divisions responsible for cybersecurity risk, which conduct risk assessments and report the status of cybersecurity risk mitigation efforts to the Risk Management Officer through the Risk Management Committee on a regular basis (twice annually). These designated cybersecurity supervisory divisions are established across both the Quality Innovation Operations and the Corporate Strategy Operations. These divisions comprise personnel with expertise and practical experience in information technology operations, enterprise security architecture, systems auditing, and automotive product security.
The Risk Management Officer possesses broad knowledge and experience in enterprise risk management and, supported by specialized technical expertise and periodic reporting from the cybersecurity supervisory divisions, effectively monitors, evaluates, and oversees Honda’s management of evolving cybersecurity threats. The status of such oversight is reported regularly to the Audit Committee (twice annually) and to the Board of Directors and the Executive Council (once annually).
In the event of a material cybersecurity incident, the cybersecurity supervisory divisions promptly report the occurrence and initial impact assessment to the Risk Management Officer through the Risk Management Committee. Upon receiving such a report, the Risk Management Officer establishes a Global Crisis Management Headquarters, which coordinates with affected organizations to prevent escalation and bring the incident under control. The status of response efforts is promptly escalated and reported to the Board of Directors, the Executive Council, and the Audit Committee based on the judgment of the Risk Management Officer. The Executive Council reviews and discusses the Risk Management Committee reports and provides general guidance on the cybersecurity related activities as necessary. The audit committee independently reports its findings related to cybersecurity risks as part of its overall report on Honda’s internal control systems. The Board of Directors monitors and reviews these reports in connection with its overall assessments of Honda’s enterprise-wide risks.
Cybersecurity Risk Role of Management [Text Block]
The Risk Management Officer possesses broad knowledge and experience in enterprise risk management and, supported by specialized technical expertise and periodic reporting from the cybersecurity supervisory divisions, effectively monitors, evaluates, and oversees Honda’s management of evolving cybersecurity threats. The status of such oversight is reported regularly to the Audit Committee (twice annually) and to the Board of Directors and the Executive Council (once annually).
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
In accordance with the Honda Global Risk Management Policy, Honda has designated supervisory divisions responsible for cybersecurity risk, which conduct risk assessments and report the status of cybersecurity risk mitigation efforts to the Risk Management Officer through the Risk Management Committee on a regular basis (twice annually). These designated cybersecurity supervisory divisions are established across both the Quality Innovation Operations and the Corporate Strategy Operations. These divisions comprise personnel with expertise and practical experience in information technology operations, enterprise security architecture, systems auditing, and automotive product security.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
In accordance with the Honda Global Risk Management Policy, Honda has designated supervisory divisions responsible for cybersecurity risk, which conduct risk assessments and report the status of cybersecurity risk mitigation efforts to the Risk Management Officer through the Risk Management Committee on a regular basis (twice annually). These designated cybersecurity supervisory divisions are established across both the Quality Innovation Operations and the Corporate Strategy Operations. These divisions comprise personnel with expertise and practical experience in information technology operations, enterprise security architecture, systems auditing, and automotive product security.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] the cybersecurity supervisory divisions promptly report the occurrence and initial impact assessment to the Risk Management Officer through the Risk Management Committee. Upon receiving such a report, the Risk Management Officer establishes a Global Crisis Management Headquarters, which coordinates with affected organizations to prevent escalation and bring the incident under control. The status of response efforts is promptly escalated and reported to the Board of Directors, the Executive Council, and the Audit Committee based on the judgment of the Risk Management Officer. The Executive Council reviews and discusses the Risk Management Committee reports and provides general guidance on the cybersecurity related activities as necessary. The audit committee independently reports its findings related to cybersecurity risks as part of its overall report on Honda’s internal control systems. The Board of Directors monitors and reviews these reports in connection with its overall assessments of Honda’s enterprise-wide risks.