Corporate Governance

Organization ○BOD & Functional Committees Major Internal Regulations Internal Audit Risk Management Intellectual Property Management
Risk Management

Risk management is an important part of maintaining business operations. The company acknowledges the existence of risks and is committed to implementing various policies and measures to reduce risks in order to create sustainable value for stakeholders and business opportunities for the company. The company, for effectively strengthening risk management, has constantly paid attention to the industry trends and market changes, grasped the trend of risk changes, and formulated management and control strategies and practices for major potential risk scenarios; also, regularly confirm and track the effectiveness of inspections in order to pursue optimized management cost-effectiveness within the acceptable risk.

The company and the subsidiaries, while engaging in operating activities, should carefully review potential internal and external risks from the perspective of sustainable corporate operations; also, formulate relevant operating standards in accordance with the company’s “risk management policies and procedures” to identify, measure, control, and monitor the potential business risks, to implement the operation of the risk management mechanism, and to enhance the risk management effect.

Information Security Management Framework

The Company has founded the "Information Security Committee" in 2017 to be responsibile for information security management. The Chariman and CSO of the Company is appointed as the chairperson of the "Information Security Committee. The high-level supervisors of each unit serve as the committee members. The unit head of Information Technology serve as executive officers. The Audit Unit is also take part in order to provide opinions on the procedures and regulations. The Information Technology Unit holds an internal information security meeting quarterly to promote information security policies, plan and implement the information security operations; also, report the company's information security governance overview to the “Information Security Committee” and the “Board of Directors” at least once a year.