Skip to content

Enterprise Risk Management

Enterprise Risk Management (ERM) is an integral part of our business operation planning and organization culture. ERM is applied to all business units and personnel to ensure business objectives are met while minimizing the probability and impact of potential risks, along with mitigating them. These considerations include internal and external aspects that may arise from within our organization and from other market factors. 

 

Our ERM framework and processes are implemented in accordance with the Committee of Sponsoring Organization of the Treadway Commission (COSO) guidelines. This has aided us in the execution of risk governance and culture, risk assessment and review that aligns our corporate strategies and sustainability development goals.

Enterprise Risk Management Structure

Once risk has been identified, they are categorized as follows; (1) Strategic Risk, (2) Operational Risk, (3) Reporting Risks, and (4) Compliance Risk. This allows us to assess and obtain a holistic view as to the potential affects the risk may have on internal and external functions and affects to related parties. The RMO coordinates with each business unit’s RC and RO to guide, follow-up, and implement mitigation plans, which results are monitored via Key Risk Indicator (KRI) reports.

Business Continuity and Crisis Management

To ensure business continues uninterrupted, we have implemented plans that will allow for personnel flexibility, operation, and production contingencies and employment of new technology to optimize our effectiveness and safety 

 To ensure that our business continues uninterrupted and that you will not be affected by it, we have implemented plans to keep our operation and production facilities running smoothly, utilize technology to facilitate communication and adaptability of our personnel to serve you, our stakeholders and partners.


Identify business risks based on business objectives across value chain

Risk
Identification

Risk 
Assessment

Analyze and assess risks
and prioritize based on likelihood of occurrence and potential impact

Report performance of risk management to the Board of Directors and management and communicate to stakeholders

Report &
Communication

Monitoring &
Review

Monitor and evaluate mitigation plans and internal controls on a regular basis

Report & Communication

Report performance of risk management to the Board of Directors and management and communicate to stakeholders

Risk Identification

Identify business risks based on business objectives across value chain

Monitoring & Review

Monitor and evaluate mitigation plans and internal controls on a regular basis

Risk Assessment

Analyze and assess risks
and prioritize based on likelihood of occurrence and potential impact