Risk and Crisis Management

  >  Risk and Crisis Management

Risk and Crisis Management



Risk management is a crucial mechanism in identifying risks and any future challenges that may affect the Company. Simultaneously, effective risk management and risk mitigation measure are important factors that will facilitate the Company to achieve its goals. Both factors also create values for all stakeholder groups.

Management Approach

The Company determined risk management framework to ensure the Company can work according to its risk management approach, and is able to identify and forecast risks with potential negative impacts to the Company’s operation and goals in every aspects. Similarly, the Company has develop plans to continuously control, monitor, and improve risks through management, control and review mechanisms. These components ensures risk level is within risk appetite, as well as embedding corporate-wide risk management culture. Such arrangement promotes understanding, raises awareness and engagement for all level of employees on the topic of corporate-wide risk management.

Risk and Incident Management Framework for Sustainable Business Operations

The Company established Risk Management Unit and Compliance Unit, operating under Risk Management Committee. The Company appoints representatives in each function to jointly work in the Unit. They are also tasked with summarizing and reporting performance to Management, the audit committee and the Board, twice a year. This routine reviews efficiency and effectiveness of risk management process, such as financial risks, tax risks, strategic risks, compliance risks, operational risks, social risks, environmental risks, climate change risks, economic risks, corruption risks, and reputation risks. Additionally, risk management process is reviewed and assessed according to COSO Framework annually. In 2019, Risk Management Unit divides risk management structures into 3 categories, which are 1) Operational risk  2) Sustainability risk  and  3) Emerging risk.  Functions collaborate in annual risk assessment, trainings and seminars. Representatives from different functions, or risk champions, who drive for development of risk mitigation measures and processes, will participate on a quarterly basis. Data Protection Officer has also been appointed to provide knowledge. Similarly, there are clear process for internal control and risk monitoring, which requires close collaboration with risk champions. The process and performance are as follows

Emerging Risks

The Company reviews risks and analyzes emerging risks which may affect the Company’s business operations continuously. This ensures immediate measures and responses to address them. In 2019, there are two types of emerging risks, as follows: digital transformation and cyber security.

Furthermore, the Company remains committed in raising awareness of internal risk identification through “Participatory Corporate Risk Identification Program” with employees to Management, facilitating “Black Swan” identification. Black Swan incident may obstruct the Company from achieving its goal, create insecurity or instability to the Company. The 6 related risk issues comprises  1) Business Continuity  2) Work Process  3) Product and Service  4) Outsourcing  5) Corporate Sustainability  and  6) Other Activities Related to Companies in The Group Management  via employees participated in the Risk Identification program through various channels, such as Electronic Platform, QR Code; which provides convenience and enhances employees’ engagement further. The program’s key concept is “to identify and address potential Black Swan incidents, facilitating control and management”

Key Project in 2019

Black Swan Award

Objective Raising awareness and participatory of Corporate Risk Identification Program.

The Program aims to employees to Management, facilitating “Black Swan” identification. Black Swan incident may obstruct the Company from achieving its goal, create insecurity or instability to the Company. The 6 related risk issues comprises:

Results and Benefits

Cyber Resilience Preparation Project

Objective Raise Management and employees’ awareness and understanding of cybersecurity.

Other Information



Sensitivity Risk
Business Environment Risk


According to business expansion continuously, the Company is aware of development of GHG emissions reduction initiatives for various operations, including research, pilot projects, and applied to the business as well as collaboration program with stakeholders thought value chain. Under continuously development principle, the Company has preliminary studied on advance sustainability targets, being a carbon neutral organization or net zero carbon 2030 afterward. The Company has simulated 3 GHG emissions reduction scenarios (shown in diagram 1) which all cases are linked with the business growth. Additionally scenario has been performed by limiting volume of carbon offsetting at 20% of projection BAU case in 2030. The offsetting cost of all remaining carbon emissions will be used for range determination.


Results are indicating cost that associated climate change mitigation and linkage with business case which reflect effort and preparations required for co-mitigating the global issue.


Diagram 1 GHG emissions and carbon offsetting


Sensitivity analysis for carbon offsetting on target year 2030 scenario
Input   Unit
Voluntary Emission Reduction 17 Euro / VERs
Exchange rate 35 Bath / Euro
Carbon emissions forecasting 2030 (CEF2030) 2,928,129.23 tCO2e
Target limited GHGs growth at 4% 2,811,004.06 tCO2e
Target GHG emissions reduction at 10% 2,635,316.31 tCO2e
Limit carbon offsetting at 20% of (CEF2030) 585,625.85 tCO2e

Compliance Risk and Operation Risk
Sensitivity Analysis of Future Salary Growth and Employee Turnover Rate


Market Risk
Sensitivity Analysis of Discount Rate


For more details —–> SD Report 2019 , Annual Report 2019

Related Policy and Guideline