Article 3
|
(Enterprise risk management principles)
It is advisable for a TWSE or TPEx listed company to follow the principles below in its establishment of a risk management system:
- Integration: to include risk management as a part of all activities.
- Structure and comprehensiveness: to promote risk management in a structured and comprehensive manner to obtain consistent and comparative results.
- Customization: to devise an appropriate risk management framework and process based on the environment, scale, business features, nature of risk, and operating activities of the enterprise.
- Accommodation: taking into account the needs and expectations of stakeholders, to enhance and fulfill their understanding of and expectations for enterprise risk management.
- Development: to project, monitor, familiarize itself with, and respond to changes in the internal and external environment of the enterprise appropriately and promptly.
- Effective information use: to rely on historical and current information as well as future trends inits risk management development and provide such information to stakeholders promptly and clearly for reference.
- Personnel and culture: to increase the level of importance attached by the governance and management units to risk management, increase the overall risk awareness of the enterprise through a sound risk management training mechanism across the board, and treat risk management as part of corporate governance and day-to-day operations.
- Constant improvement: improve risk management and related operating procedures constantly through learning and experience.
|