ENTERPRISE RISK MANAGEMENT
Enterprise Risk Management (ERM) is an integral part of our business operation planning and organizational culture. ERM is applied to all business units and personnel to ensure business objectives are met while minimizing the probability and impact of potential risks and mitigating them. These considerations include internal and external aspects that may arise from within our organization and from other market factors.
Our ERM framework and processes are implemented in accordance with the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and ISO 31000:2018 Risk management guidelines. This has aided us in the execution of risk governance and culture, and of risk assessment and review, in alignment with our corporate strategies and sustainability development goals.
Enterprise Risk Management Structure
Once risks have been identified, they are categorized as follows: (1) Strategic Risk, (2) Operational Risk, (3) Reporting Risk, and (4) Compliance Risk. This allows us to obtain a holistic view of the potential effects each risk may have on internal and external functions and on related parties. The RMO coordinates with each business unit's RC and RO to guide, follow up on, and implement mitigation plans, the results of which are monitored via Key Risk Indicator (KRI) reports.
Enterprise Risk Management Processes
The Group performs a risk management process by identifying corporate risks and unit risks along the value chain, corresponding to the business direction and organizational goals, including risk assessment, risk monitoring and control, reporting and communication, and regular review of the sufficiency and effectiveness of risk management of each unit involved. We established a Risk Management Committee to be responsible for the implementation under the supervision of the Board of Directors.
Effective Risk Management Processes Promote Long-Term Corporate Sustainability Management
Risk Monitoring & Review: Monitor and evaluate mitigation plans, sensitivity analysis, stress testing, Key Risk Indicators (KRIs), and internal controls on a regular basis.
Business Continuity and Crisis Management
Risk Identification: Identify business risks based on business objectives across the value chain.
Risk Assessment: Analyze and assess risks and prioritize based on likelihood of occurrence and potential impact.
Monitoring & Review: Monitor and evaluate mitigation plans and internal controls on a regular basis.
Report & Communication: Report performance of risk management to the Board of Directors and management and communicate to stakeholders.