Page 220 - BAM ONE REPORT 2565 (ENGLISH VERSION)
P. 220
214
3.5 Requirement of regular submission of a channels; for example, the use of Intranet,
report on the enterprise risk status and risk e-mail, etc.
alert to the Risk Oversight Committee, the 4.4 Implementation of risk management with
Audit Committee and the Board of Directors the KRIs-based early warning system, in
Bangkok Commercial Asset Management Public Co., Ltd.
on a monthly and quarterly basis. order to allow the executives to monitor
the organization’s risk status, which is set up
Moreover, the Company defines the scope of in the Company’s MIS.
power, duties and approval authority of executives at each
level in the operational regulations, with the aim to clearly 5. Monitoring Activities
segregate the duties in different processes. This is an important The Company puts in place the system that
control activity that ensures the adequate and appropriate monitors and evaluates its internal control in order to
control of operation at all levels of the organization and ensure that its internal control system remains efficient and
the checks and balances between departments, especially effective and is capable of performing the monitoring and
for the activities with potential interest or conflict of evaluation tasks completely and appropriately as it is
interest. designed for, as well as managing the ever-changing risks
in each time period, as follows:
4. Information and Communication 5.1 Monitoring and assessment of internal
The Company puts in place the information and control performance on a regular basis at
communication systems both inside and outside of the least once a year in order to ensure the
organization in order to improve the efficiency and effectiveness appropriateness of the internal control
of its business operation. The overview of the Company’s system.
performance in this regard is as follows: 5.2 Assignment departments t prepare
4.1 Formulation of action plans for the BAM and present their reports in order to review
Digital Enterprise Project in order to incorporate their operation.
the information system into the Company’s 5.3 Arrangement of the Internal Audit Department
key strategic plan, which supports the to directly report to the Audit Committee.
improvement of operational efficiency and 5.4 Monitoring and reporting of all risk-related
effectiveness, covering three main issues: issues to the Risk Oversight Committee, the
• Infrastructure Audit Committee, and the Board of Directors
• New core on a regular basis.
• Data governance
4.2 Provision of information to support the The Company’s Risk Oversight Committee, Audit
appropriate communication both inside and Committee, and Board of Directors review the sufficiency
outside of the organization and, thus, enable evaluation of the Company’s internal control system, and
the organization to operate and achieve its deems that the Company’s internal control system and
objectives. risk management system are appropriate and sufficient for
4.3 Implementation of the appropriate and its business operation and conform with the guidelines set
efficient communication processes and forth by the SEC.
