Page 85 - BAM ONE REPORT 2565 (ENGLISH VERSION)
P. 85
79
Form 56-1 One Report 2022
Overview of ESG Disclosure Journey
ESG Disclosure Journey – 7 Sustainable Development Goals
ESG assessment based on ESG principles and criteria and comprehensiveness
Overview of ESG Disclosure Journey according to ESG reporting framework will respond to investors’ requirements
EGS Risk Terminology in sustainable investment dimension.
E-Climate change refers to change of weather conditions involving 2 key risks:
• Physical risk – Physical risk caused by climate change
• Transition risk – Risk from changes in relevant policies, rules and regulations G - Sustainable supply chain refers to management of environmental, social and economic
impacts and promotion of good corporate governance throughout the product and service life cycle
S-Human rights refer to rights inherent to all human beings which are validated as well as management of trading partners.
covering equality, dignity, rights and freedom of thought and action that cannot G - Emerging risk refers to newly arising or potentially arising risk.
be violated and are protected by the Constitution.
Emerging risks
1.) Cyber risk
Today, technology has played a crucial role in business operation. It helps reduce operating costs and
enhanc efficiency in servic provision of th Company However risks may c with th us of technology such as
confidentialit risk, dat integrit and availabilit risk, and risk arising from internet connecti cyb attack i t increasingly
diverse and complicated forms which may pose impacts in a larger scale. Therefore, the Company has attached importance
to risk assessment and installation of tools and programs to boost its IT security and stability and to cope with cyber
threats, and drawn up plans to handle problems arisen and create awareness among its employees on a regular basis.
Moreover, the Company has redesigned its business and service provision processes with enhanced cyber security in
case where its employees are required to work from home under the government’s measures and must connect to
the Company’s IT system in order to safeguard against any cyber thieves or attacks.
2.) Risk from information access or use that may tarnish the Company’s reputation and adversely affect
its business
Since the Company has to process a large volume of customer data in its business operation, it is exposed
to risk concerning access to and management of such information, comprising:
(1) Protection of data compiled and stored in the Company’s IT system, and protection against intrusion of
the IT system by outsiders or against human error or offence committed by its employees;
(2) High priority to data privacy, disclosure and protection; and
(3) Compliance with laws governing the use and disclosure of personal data.
