Page 57 - Anual report STi 2022_eng
P. 57
Definition of Enterprise-Wide Risk Management 6. Take into account the personal factors and
Enterprise-wide risk management is a process that is organizational culture in terms of competence, perception, and
established and implemented by the Board of Directors, executives, intention of personnel which is an important part of achieving the
and all employees in the organization to be used in setting objectives of the organization.
strategies and applying to all departments across the organization. 7. Operate in accordance with the Risk Profile and the
However, the Board of Directors places great importance internal and external environment of the organization in each
on risk management in the organization in order to manage period.
risks efficiently and effectively. The Board therefore has 8. Get appropriate and timely cooperation from both
appointed the Risk Management Committee which consists internal and external stakeholders for appropriate risk
of a risk management working group that are executives from consideration or decision-making processes.
various fields directly involved in risk management. 9. Continue to operate and regularly update the policy
Principles of Practice or risk management guidelines to be in line with changes or new
The key elements of the Company's enterprise-wide risk knowledge of risk management.
management include: 10. Help the organization to continuously improve the
● Fundamental Principles of Risk Management Company's operations as a result of constantly improving and
reviewing risk management guidelines in order to reduce the
● Acceptable Risk
likelihood or reduce the impact of risks that may arise from
● Risk Management Process activities in all aspects of the Company.
● Roles and Responsibilities Acceptable Risk
The Company is committed to continuously developing The Board of Directors has established and
and improving the risk management system throughout the communicated the risk appetite of the Company which
organization by operating in accordance with the following basic depends on the choice between the hypothetical risk,
principles: the likelihood, and impact if the risk occurs to serve as
Basic Principles of Risk Management management and operational guidelines for employees and
The Company is committed to continuously developing their ability to accept and manage risks.
and improving the risk management system throughout the The Company has set the maximum risk that the
organization by operating in accordance with the following organization is ready to handle and can accept. It is
basic principles: established by the management under the supervision of the
Risk Management Committee. It is used to assess and
1. Be an integral part of corporate governance, manage risks and to use as a guideline for determining the
planning, and reporting processes at both operational and organization's strategy for appropriate resource allocation. In
strategic levels.
determining the risk appetite, the Company takes into account
2. Help decision-makers to formulate alternatives and internal factors, such as risk aversion and external factors,
predict the consequences of each choice and prioritize operations. such as the level of uncertainty of the business environment
3. Able to control and manage uncertainties to of the organization. If any risks that have been analyzed and
maximize returns and reduce losses. assessed may have an impact on the Company beyond the
4. Be consistent across the Company to help achieve risk appetite, the institution that owns the risk shall develop
effective results to be comparable and reliable. a risk management action plan and reports to the Risk
Management Committee. The risk appetite will be reviewed
5. Base on modern and effective information. Able to 1 time a year and will be prepared at the same time as the
access important relevant information in a timely manner.
Stonehenge Inter Public Company Limited 55