Risk Management

Risk Management Policies and Procedures

The company's "Risk Management Policy and Procedures" was approved by the board of directors on November 12, 2020, as the highest guiding principle of the company's risk management; the company regularly assesses risks every year and formulates risk management policies for various risks. Covers management objectives, organizational structure, ownership of rights and responsibilities, and risk management procedures and implements them to effectively identify, measure, and control various risks of the company, and control the risks arising from business activities within an acceptable range.

Risk Management Type

The company's risk management includes the management of "hazard risk", "operational risk", "financial risk", "strategic risk" and "compliance risk".

Organization

Operation

On December 28, 111 (2022), we reported the status of risk management operations to the Board of Directors as follows:
I. Regular Supervisory Meetings: We hold weekly meetings every Wednesday with department heads to address the following identified risks and
ensure proper control:
  • Operational Risk: We discuss the overall operational status of the company, including order acquisition, production, and shipping processes.
  • Strategic Risk: We gather, integrate, analyze, and assess information on domestic and international fluctuations in raw material prices to effectively determine future strategic directions.
  • Financial Risk: We review the financing status and provide explanations regarding customer accounts receivable.
II. Weekly Industry Newsletter: Our Administration Department regularly produces a steel industry newsletter, which is distributed to managers and
sales personnel. This initiative enables our staff to stay informed about market demands and trends, thereby reducing operational risks.
III. Information Security Management: To ensure robust information security, we strictly manage data utilization and security maintenance. Annually, we engage a professional team, "Dingxin Computers Co., Ltd.," to assist in conducting assessments. The scope of the assessment includes the procurement of firewalls, antivirus software for personal computers, antivirus software for server hosts, system database backups, regular hardware maintenance, and disaster recovery drills. These measures are implemented to minimize information security risks within the company.