CH. 3 Corporate Governance
45
We hope to achieve the lowering of risks, as the following:
Impact
Now
Frequency
Impact
After Risk Improvement
Frequency
Improvement
Plan
To ensure that all potential risks can be effectively
monitored, each risk management unit should carry out
at least one risk evaluation procedure every 6 months to
ensure that we can implement risk management well. At
the same time, all employees of CTCI should shoulder the
responsibility of reporting risks. Should an employee find any
significant risk that could impact Company operation, he/she
should immediately report to his/her supervisor, and should
immediately deliver this report to risk management secretarial
unit to be handed to the President if necessary. The President
should call on risk management meeting to undertake
necessary responses to avoid or lower possible impacts to the
Company. CTCI also continues to conduct risk management
training for employees. In 2015, we have undertaken 7,825
hours of educational training for a total headcount of 3,149
persons, for the topics of risk management, occupational
safety, project management, high risk operations, climate
change, processing safety, construction risk, engineering risk,
supply chain risk, contractual risk, insurance risk, international
trading risk, internal control, legal risk, financial risk, and
information safety and risk.
3.3.2
Information Risk Control
To demonstrate our determination in emphasizing
information security and to protect our internal and clients'
information safety and lower information risk, in order to
offer sustainable quality service and satisfy client needs
for information safety, CTCI has introduced the ISO 27001
international standard to establish the "Information Safety
Management System (ISMS)" in 2014. In addition to crucial
facilities such as the machines in the IT Department and
network regulation, we also incorporated four main systems,
SP3D, SPMat, CMS, and POW coming from the core business
EPC perspective, and we have successfully achieved the bsi
certification under this scope. Additionally, the Company was
chosen as the model company for information management
by bsi in 2015, and was awarded a special Information Safety
Pioneer Award.
In the future, CTCI will continue to enhance the ISMS,
and at the same time, we will inspect compliance with other
systems to further promote the morals of ISO 27001 to each
of our subsidiaries to fully enhance the information security
management of the entire CTCI to be in better touch with
international quality standards.
3.3.3
Emerging Risks
CTCI continues to be focused on the changes in the overall
environment. Besides identifying emerging risk factors
that could arise, we also proactively implement regulatory
control measures, and at the same time, we also seek for
opportunities in possible future trends.
● Faced with a slowing development in the world economy
that could lead to the risk of lackluster new projects in
both developmed and emerging markets, in addition to
proactively expanding to new markets, CTCI also expands
our reach from the original overseas markets of China,
India, Thailand, Malaysia, and the Middle East, to the US,
Commonwealth of the Independent States, and Indonesia
and further expanded our strategy regarding businesses
that could lead to long-term steady revenue. Through
both vertical and horizontal expansions, we have invested
into markets with growth potentials such as elderly care
business and solar power.
● Furthermore, with the drop in oil prices in 2015, the
weakening in raw materials market, and price of consumer
goods are at a low point. For EPC projects, the risks of
inflation are relatively low, but since the prices of raw
materials have dropped to considerable low points and
remained at these points for a while, if they were to go up
again in the future, this would definitely pose as a risk in on-
going projects. Besides continuing to monitor the trend of
prices, if inflation should occur in the future, we will adopt a
hedging countermeasure policy, and require that inflation
risks be included into quotations for future projects to
hedge against risk impacts.
