Risk Management
Enterprises are facing risks that become complex and thus the ability to prevent risks and recover from emergencies are tested. A well-structured risk management mechanism could form a good protection through identifying possible future challenges and ensuring that it can response to the threats and have the ability to perform continuous operations, demonstrating organizational resilience. According to the "Global Risks Report 2021" recently published by the World Economic Forum (WEF), the major risks that may affect the world in the next decade include economic confrontation between major powers, political fragmentation, extreme climate change, cyber attacks, etc. Businesses must take adequate measures to protect themselves from these risks as early as possible.
Risk Management Policy
- Proactively deploy management measures in response to risk threats.
- Demonstrate organizational resilience and ensuring operational continuity.
Goals
- Establish Key Risk Indicators (KRI) for real-time monitoring.
- Establish short, medium and long-term risk prevention plans,and review and improve them on a regular basis.
- Continuously strengthen various emergency response strategies and execute regularly drills
Business Continuity Management Committee
To ensure more comprehensive and routine risk management, ASUS established the Business Continuity Management (BCM) Committee to focus on critical risks that are not urgent. We actively identify possible future hazards and ensure that we can respond to threats and maintain continuous operations.
The BCM Committee summarizes the annual risk management report and submits the BCM management performance to the board of directors at least once a year. On July 20, 2022, the BCM policies and procedures, the organizational structure and management scope of the BCM Committee, and the annual operation summary werereported to the board of directors.
Organization | Role |
---|---|
Board of Directors | Oversees the strategy development of the BCM Committee |
Co-Chief Executive Officers (co-CEOs), Chief Operating Officer (COO), and senior business executives | Implement joint supervision, review and establish protection mechanisms in daily operations |
Taskforce Units (TUs) | Responsible for monitoring risk trends and preventive risk management in all areas, and are responsible for developing quantifiable KRI( Key Risk Indicator) and risk prevention plans. When the risk occurs, they must respond immediately and establish an emergency contingency plan to minimize the impact and disruption time. |
Risk Assessment Procedures
Risk Identification
Risk event identification
Risk value calculation
Acceptable risk level
Risk Improvement
Low
- Set up KRI for continuous monitoring
Medium/High
- Set up KRI for continuous monitoring
- Set up risk prevention plan
Impact Mitigation
High
- Set up emergency contingency plan
Emerging Risks and Results of Identification
According to the definitions of the Corporate Sustainability Assessment (CSA), "emerging risks" are newly identified potential risks and known potential threats that could harm the business in the long run. We integrated the nine major categories of BCM and identified 20 risk incidents based on the Global Risks Report 2021 published by the World Economic Forum (WEF). The BCM Office reviewed each risk incident to verify whether it meets the CSA definitions of emerging risks and evaluated its impact, and then identified four major emerging risks of concern to ASUS.
Emerging Risk Identification Procedures
Step.1
Collect international risk trends
Step.2
All BCM units identify risks
Step.3
Identify emerging risks and analyze impacts
Step.4
Pay attention to emerging risks and establish an adaptation plan
Please refer toASUS Adaptation Actions Regarding 4 Major Emerging Risksin the report.