Annual Report 2023

Corporate Governance Report 企業管治報告 77 舜宇光學科技（集團）有限公司 • 2023 年報 董事會認為，高度專注於風險及合規情況有利 於本公司及其員工的持續發展及成長。於建立 企業風險管理系統時，本公司所有關鍵職能均 由本集團風險管理工作小組執行，並推行以下 舉措： 1. 企業風險評估－識別本集團主要業務風險 並區分優先次序； 2. 企業風險應對－評估相關內部監控及降低 風險的措施； 3. 風險管理落實情況監督－審議風險管理落 實情況檢查報告且每月跟進應對情況； 4. 建立關鍵風險指標庫－識別現有風險監控 指標，監控指標的運行情況，並通過風險 管理系統適時進行風險預警； 5. 完善風險清單庫－識別並建立符合本公司 實際情況的風險清單庫； 6. 風險管理與多體系融合－將風險管理與戰 略管理、國際標準化組織（「 ISO 」）體系、 失效模式與效應分析（「 FMEA 」）體系等多 體系融合； 7. 風險管理與業務融合－將風險管理融入 到各業務單元常態化工作中，針對重點風 險進行人員、資源投入以及流程優化，集 中資源應對風險相對較高的業務活動，不 斷完善風險管理體系與本集團業務間的融 合； The Board believes that a heightened focus on risk and compliance is beneficial for the ongoing development and growth of the Company as well as its staff. In establishing the ERM system, all key functions of the Company were carried out by the Risk Management Group of the Group to undertake the following exercises: 1. Enterprise risk assessment – to identify and prioritise the Group’s key business risks; 2. Enterprise risk response – to assess the related internal controls and risk mitigating measures; 3. Monitor the implementation of risk management – to review the inspection report on implementation of risk management and follow up with the response situation every month; 4. Build the library of key risk indicators – to recognise existing risk monitoring indicators, monitor the operation of the indicators and make appropriate risk early warning through the risk management system; 5. Improve the risk checklist – to identify and build a risk checklist which is suitable to the actual situation of the Company; 6. Risk management and multi-system integration – to integrate risk management with strategic management, the International Organization for Standardization (“ ISO ”) system, the Failure Mode and Effect Analysis (“ FMEA ”) system and other systems; 7. Risk management and business integration – to integrate risk management into the normal operation of each business unit, invest in personnel and resources and optimise the process for key risks, concentrate resources on business activities with relatively high risks, and continuously improve the integration of the risk management system and the businesses of the Group;