Skip to content

Enterprise Risk Management

Enterprise Risk Management (ERM) is an integral part of our business operation planning and organization culture. ERM is applied to all business units and personnel to ensure business objectives are met while minimizing the probability and impact of potential risks, along with mitigating them. These considerations include internal and external aspects that may arise from within our organization and from other market factors. 

 

Our ERM framework and processes are implemented in accordance with the Committee of Sponsoring Organization of the Treadway Commission (COSO) and ISO 31000:2018 Risk management guidelines. This has aided us in the execution of risk governance and culture, risk assessment and review that aligns our corporate strategies and sustainability development goals.

Enterprise Risk Management Structure

Once risk has been identified, they are categorized as follows; (1) Strategic Risk, (2) Operational Risk, (3) Reporting Risks, and (4) Compliance Risk. This allows us to assess and obtain a holistic view as to the potential affects the risk may have on internal and external functions and affects to related parties. The RMO coordinates with each business unit’s RC and RO to guide, follow-up, and implement mitigation plans, which results are monitored via Key Risk Indicator (KRI) reports.

Enterprise Risk Management Processes

The Group performs a risk management process by identifying corporate risks and unit risks along the value chain corresponding to the business direction and organizational goals including risk assessment, risk monitoring and control, reporting and Effective Risk Management Processes Promote Long-Term Corporate Sustainability Management communication, and regular review of the sufficiency and effectiveness of risk management of each unit involved. We established a Risk Management Committee to be responsible for the implementation under the supervision of the Board of Directors.


Identify business risks based on business objectives across value chain

Risk
Identification

Risk 
Assessment

Analyze and assess risks
and prioritize based on likelihood of occurrence and potential impact

Report performance of risk management to the Board of Directors and management and communicate to stakeholders

Risk Report &

Communication

Risk Monitoring &

Review

Regularly monitor and evaluate mitigation plans, sensitivity analysis, stress testing, Key Risk Indicators (KRIs), and internal controls on a regular basis

Business Continuity and Crisis Management

To ensure business continues uninterrupted, we have implemented plans that will allow for personnel flexibility, operation, and production contingencies and employment of new technology to optimize our effectiveness and safety 
 
 To ensure that our business continues uninterrupted and that you will not be affected by it, we have implemented plans to keep our operation and production facilities running smoothly, utilize technology to facilitate communication and adaptability of our personnel to serve you, our stakeholders and partners.
Report & Communication

Report performance of risk management to the Board of Directors and management and communicate to stakeholders

Risk Identification

Identify business risks based on business objectives across value chain

Monitoring & Review

Monitor and evaluate mitigation plans and internal controls on a regular basis

Risk Assessment

Analyze and assess risks
and prioritize based on likelihood of occurrence and potential impact