Page 70 - E-BOOK
P. 70

The Company reviews its internal control and risk management regularly, on a yearly basis, through the
             review and approval of each chain of command (Bottom-up approach) and the review and approval of the top
             executives (Top-down approach); in order to monitor and review the important risks that may affect the Company’s
             business operation.


             Roles, duties and responsibilities of related persons in risk management of the Company
                    (A) Board of Directors
                       1.  Defining the risk management policy, give advice, and consider approving the annual corporate risk
                          management plan
                       2.  Promoting and encouraging operation suitable for corporate risk management

                    (B)  The Risk Oversight Committee
                       1.  Reviewing and approving the risk management criterion/methods.
                       2.  Determining the operational risk management guideline for the organization-, department-, unit-,
                          and  office-level;  and  providing  recommendation  and  consultation  on  the  subjects  of  risk
                          management.
                       3.    Monitoring the development of risk management guideline and supervising the creation of a risk
                          management system that corresponds with the Company’s strategies.
                       4.    Monitoring the risk identification process and  evaluating the important corporate risk appropriately,
                          in accordance to the situation.
                       5.  Reviewing and approving the risk management plan.
                       6.  Reporting to the Company’s Board of Directors, regarding the progress of the risk Oversight and the
      68                  corporate risk status.
                       7.  Communicating and coordinating with the Audit Committee, on the subject regarding important risks.
                       8.  Monitoring and promoting further development of employees’ ability, the change of the
                          organizational culture, and the continuous  improvement of the risk management; in order to make
                          every employee recognize  the risks and the risk management of every department.
                       9.  Appointing responsible employees or working groups, in order to ensure the appropriateness and
                          the efficiency of the risk management.


                    (C)  The Audit Committee
                       1.  Independently monitoring the risk management.
                       2.   Coordinating with the Risk Oversight Committee on the subjects regarding significant risks; and linking
                          said risks with the internal control  system, in order to allow the Company to manage such risks
                          appropriately and efficiently, on an organization-wide scale.

                    (D)  The top executives
                       1.  Implementing the risk management on an organization-wide scale.
                       2.  Promoting the risk management policy and specifying the risk management process on an
                          organization-wide scale.
                       3.  Monitoring the corporate risk and implement the appropriate risk management plan.
   65   66   67   68   69   70   71   72   73   74   75