Sustainable Risk Management

To improve the governance and implement risk management that should receive attention in corporate operations, ASUS established the sustainability risk management platform at the end of 2016. We believe a systematic risk management approach would strengthen the counter-measures in response to risks, thus reducing the chance of major operational risks turning into crisis.

The sustainability risk management platform follows ASUS internal governance structure and internal control mechanism, including 2 teams: 1) the sustainability risk management promoting team: including sustainability development office, financial department, occupational safety department, legal department, human resources department, computing center, and operational units, responsible for identifying risk issues and managing approaches in response to risks. The Chief Sustainability Officer acts as the convener and oversees regular cross-department risk management meetings, drafting approaches for relevant risk issues, and report the annual risk management reports to the Audit Committee; 2) the risk management mechanism supervisory team: audit office is in charge to monitor whether the sustainability risk management follows regulations, while the Chief Auditor reports to the Audit Committee. The Audit Committee will decide whether to report to the Board according to the materiality of the risk reports.

In 2017, the risk management platform had systematically conducted risk identification, risk evaluation, and risk addressing and monitoring mechanism for the first time. The annual risk report was presented in the audit committee to demonstrate the coping strategy and management operations of major risks in January, 2018.

7 major risk issues of 2017 with specific management plans and achievements of implementation for each risk were reviewed. Afterwards, the supervisors of each unit are responsible for monitoring the effectiveness of the implementation while the platform shall continue to monitor the major risk issues and reduce the impact to a manageable level.

The sustainability risk management promoting team continues to collect intelligence on international trends and on risks that may be faced by the electronics industry. It plans to expand the coverage of risk issues by including operational risks such as after-sales services and quality management in the following year. We hope to build up a corporate risk culture that would proactively cultivate the ability to adapt to changes through the establishment of the risk management platform, and to implement corporate risk management through strict risk management system and follow-up actions.

The 2017 Audit Committee had decided to report materiality of the ESG risk analysis reports including climate change, information security, employee health management, sustainable supply chain management in the 2018 first Board meeting.
There is no claim or incident of non-compliance through risk management platform.

Description of risk Potential business impact of the risk Mitigating actions
Sustainable supply chain of labor risk In response to the emerging market trends of the manufacturing industries shifts, other than quick understanding and implementing risks in line with the local labor laws, the responsive strategies adoption also consider the rise of labor awareness and market cost pressures.
In addition, avoiding the violations of local laws and regulations which has potential adverse effects on the brand image and product sales impact for the local market. If the negative news regarding to the labor risks are not handled properly, it will be resulted in an impact on the product sales, the preliminary estimation of the financial impact is about NTD $150 million based on the internal assessment.
1.Quick study, understanding and implementing risks in line with local labor laws and regulations
2.Review and modify the ASUS Supply Chain Code of Conduct
3.Set up overseas new market supply chain management guidelines
4.Strengthen the labor awareness and human rights management
Emerging technology information security risk The business organizations need to face the information security issues such as cloud-based, IoT, etc., due to the emerging technology that have become a global issue in the smart networking era. If the global sales customers and members information are unable control safely, it will has potential adverse effects on the brand image and product sales impact. If the improper information security control leads to the lawsuits that filed by the customers or negative news, it will be resulted in an impact on the company's image and product sales, the preliminary estimation of the financial impact is about NTD $180 million based on the internal assessment. 1.Pay attention and response to the major international information and security events
2. Inspect the internal control of information and security inspection mechanism
3.Promote the cloud service security and trap security technology