Page 71 - E-BOOK
P. 71
4. Supporting the development of employees’ ability, as well as the required tools and systems
for the operation.
(E) The Organizational Development and Risk Management Department, including the Enterprise Risk
Management Team and the Financial Risk Management Team
1. Preparing and reviewing the risk management policy; specifying the risk management guideline and
process for departments/ units/ offices, in order to propose them for the Risk Oversight Committee’s
approval.
2. Communicating, supporting, and providing recommendation on the risk management process to
departments/ units/ offices of the organization.
3. Monitoring and reporting the risk situation to the executives of each department, the top executives,
the Risk Oversight Committee, the Audit Committee, and the Company’s Board of Directors.
(F) The Internal Audit Department
1. Supporting top executives and Audit Committee in the monitoring of the internal control system and
he risk management.
2. Preparing the audit plan for each department, in accordance with the risk-based approach.
3. Reviewing the risk management.
4. Communicating with the risk management groups, in order to reach an understanding about the
risks and the internal audit operation. 69
Moreover, every employee is responsible for following the risk management policy and guideline specified
by the Company. They are also responsible for risk management operation, in accordance with the scope of their
responsibility. And for this, the Company communicates and educates its executives and employees about the
risk management guideline and policy, as well as about the internal control, risk management, good corporate
governance, etc.
The Company’s systemic risk management processes and procedures
The Company specifies the risk management processes, which comprise of the following procedures.
(A) Objective setting
The Company variably specifies the objectives and goals for each level, from the organization-level, the
department-level, and the unit-level. These objectives and goals are consistent to one another and they are made
under the Company’s vision, mission, strategic plans, and operational plans. The Company also determines the key
performance indicators for each level of those goals.
Setting up objectives is the primary criterion that allows the Company’s to identity the situations, evaluate
the risks, and respond to such risks efficiently. Also, the objectives must be consistent with the level of risk that is
acceptable to the organization (Risk Appetite), which determines the deviation interval of the risk tolerance.
