CNEN
ESG Report Questionnaire

Governance

Risk Management

SDGs

Risk Management

On August 12, 2021, the Board of Directors passed a resolution establishing the SKS Risk Management Policy and Procedures. The Procedures guide the Company to achieve its sustainable development goals by implementing risk management checks and balances and reducing potential operational risks.

The Company's risk management covers a wide range of risks associated with business operations, including market, operational, financial, investment, compliance/contractual, information technology, human resources, occupational hazards, environmental, and other risks. The processes of risk identification, assessment, monitoring, and reporting are executed accordingly and are adjusted in a timely manner in response to changes in the external environment and internal operations.

Risk Management Operations & Supervision Mechanism

Every year, the risk management team compiles risk identification information from each department and convenes a Risk Management Task Force Meeting. This meeting reports to the Board of Directors on its operations at least once a year to ensure the effective implementation of the Company's risk management system.

  • Revise the Company's Risk Management Policy and Procedures as necessary annually.
  • Perform risk assessments for each department and office annually.
  • Convene a Risk Management Task Force Meeting annually.
  • Report to the Board of Directors on the year's operations annually.
  • Emerging Risk Management Mechanism: Risk Identification - Risk Measurement - Risk Monitoring - Risk Reporting & Disclosure - Risk Response. Risk assessment criteria are based on the likelihood of occurrence and the degree of impact for each risk.
  • The Audit Office assists in formulating the following year's audit plan or conducting special reviews for significant annual risks.

Risk Management Organizational Structure

Risk Alert Assessment Process Make

Significant Risk Identification Results and Mitigation Measures

Internal Control System

The internal audit unit of Shin Kong Security is established as an independent entity directly reporting to the Board of Directors. Its primary function is to support the Board of Directors and management by evaluating and reviewing the deficiencies in the internal control system and assessing operational effectiveness. Additionally, it offers timely suggestions for improvement to ensure the continuous and effective implementation of the internal control system. It also serves as the foundation for reviewing and revising the internal control system and issues the Statement of Internal Control System. The Audit Office formulates an annual audit schedule plan in compliance with the law, which is implemented upon approval by the Board of Directors. The results of these audits are submitted to each independent director for monthly review, and the Chief Auditing Officer presents reports on audit operations during regular meetings of the Board of Directors.

2024 Internal Audit Operations
NO. of audit
90
Deficiencies (all of which were non-material)
22
already improved
21
Deficiency being tracked for improvements
1
Note:

As of December 31, 2024, a total of 21 items have been rectified, with one item under ongoing followup. The remaining item is scheduled for completion by the end of June 2025, in line with the information system development timeline.

The Company's audit focuses on several key areas, including the operating procedures of the eight major internal control cycles, regulatory compliance checks, and internal control operations of our subsidiaries. Additionally, in accordance with the Regulations Governing Establishment of Internal Control Systems by Public Companies of the Executive Yuan's Financial Supervisory Commission, we have also established procedures for Internal Accounting Controls, Internal Management Controls, and Internal Audit Implementation Rules. These guidelines encompass eight major cycles of control operations and 19 internal management systems.