Management Structure of Risk Governance
Organization of the Risk Management Committee
Qisda framed risk management policies and organized the Risk Management Committee (RMC) in 2005 in accordance with the ISO 31000 Risk Management–Principles and Guidelines. With importance placed on the systematic operation of risk management, the vision and policies for risk management are established and the management goals and performance indicators are set up for constant follow-up, which helps effectively control the risks that exceed the Company’s risk tolerance. Meanwhile, management tools are utilized to ensure the optimization of total risk management cost.
A joint defense mechanism of over 180 companies, centering on Qisda, has been established to convene regular meetings, establish reporting channels, set up an information exchange platform, integrate group resources, and bring the unified strength into full play.
Qisda’s 2021 risk radar chart for risk identification
Risk Management Process
The Risk Management Committee holds quarterly meetings and may convene special meetings for significant developments. The Chairman of the RMC outlines the major corporate-level risks for the year, and committee members identify and address risks within their respective units, developing risk mitigation strategies. We establish measurable Key Risk Indicators (KRIs) and track them quarterly to ensure our organizational objectives are met. During meetings, we review major domestic and international issues, regulatory changes, and unusual events, proposing effective response measures. Annually, we report the status of risk management operations to the Audit Committee and the Board of Directors
Business Continuity Management System (BCMS)
Qisda framed risk management policies and organized the Risk Management Committee (RMC) in 2005 in accordance with the ISO 31000 Risk Management–Principles and Guidelines.In 2021, Qisda’s Risk Management Committee identified a total of 35 key risks based on the risk radar chart and risk checklist. We formulate corresponding business continuity plans (BCPs) based on the simulation of various significant risk scenarios, and carry on the updates and drills of risk scenarios to make sure that the organizational operation can still go on when being impacted.The operational scope of the business continuity management system (BCMS) covers the entire Qisda Group, including more than 180 companies thereunder.Through the discussions on projects at regular meetings, information integration and sharing of practical experience, we integrate the loss prevention resources of the Group and enhance the Group’s emergency response capabilities to reach the target of risk control