Page 68 - BAM ONE REPORT 2564 (ENGLISH VERSION)
Part 1: Business Operation and Performance
Moreover, every employee is responsible for following the risk management policy and guidelines specified
by the Company, and for carrying out risk management operations within the scope of their responsibility.
To support this, the Company communicates with and educates its executives and employees about the risk
management guidelines and policy, as well as internal control, risk management, good corporate governance,
etc.
The Company’s systemic risk management processes and procedures
The Company has followed the processes and procedures under the COSO ERM 2017 Framework, entailing five
components and 20 principles as follows:
[Figure: COSO ERM 2017 Framework. Flow: Mission, Vision & Core Values; Strategy Development; Business Objective Formulation; Implementation & Performance; Enhanced Value. Components: Governance & Culture; Strategy & Objective-Setting; Performance; Review & Revision; Information, Communication, & Reporting.]
(1) Governance & Culture
Principle 1: Exercises board oversight
Principle 2: Establishes operating structures
Principle 3: Defines desired culture
Principle 4: Demonstrates commitment to core values
Principle 5: Attracts, develops, and retains capable individuals
(2) Strategy & Objective Setting
Principle 6: Analyzes business context
Principle 7: Defines risk appetite
Principle 8: Evaluates alternative strategies
Principle 9: Formulates business objectives
(3) Performance
Principle 10: Identifies risk
Principle 11: Assesses severity of risk
Principle 12: Prioritizes risk
Principle 13: Implements risk response
Principle 14: Develops portfolio view

