Page 208 - BAM ONE REPORT 2565 (ENGLISH VERSION)
P. 208
202
6.3 Monitored the operational improvement plans according to the IT risk gap analysis report by a consulting
company, provided advice on managing cyber threats to align with its business operation direction focusing on digital
financial services, by coordinating with the Information Technology Strategy Department in making preparation to prevent
Bangkok Commercial Asset Management Public Co., Ltd.
cyber attacks, such as phishing, ransomware, etc., and put in place the phishing test to create awareness and understanding
among the Company’s personnel on a regular and comprehensive basis.
6.4 Gave importance to and monitored progress of joint venture projects with financial institutions, particularly
those concerning potential risk in establishing joint venture projects.
7. Work integration under the GRC principles
Integration of work processes related to governance, risk management and compliance (GRC) was
enhanced by holding joint meetings between the Risk Oversight Committee and the Audit Committee to consider and
give advice on key operational risk and drive formulation of clear measures to prevent and mitigate such risk, and
ensured report on enterprise risk status to the Audit Committee on a quarterly basis to enhance coordination and
exchange of relevant information and foster GRC atmosphere and culture across the organization.
8. Review of the Charter
The Risk Oversight Committee reviewed the Charter on the topics of the composition and the term of office
of the Committee to be appropriate and in alignment with the best practice of good corporate governance.
The Risk Oversight Committee has prudently and carefully performed duties as specified in the Risk
Oversight Committee Charter and has made best use of knowledge and experience and with full capabilities of all the
Committee members in the best interests of the Company.
(Mr. Songpol Chevapanyaroj)
Chairman of the Risk Oversight Committee
