Annual Report 2019

74 Sunny Optical Technology (Group) Company Limited • ANNUAL REPORT 2019 Corporate Governance Report 企業管治報告 ENTERPRISE RISK MANAGEMENT The Board is responsible for the effectiveness of the risk management and has authorized the Audit Committee to act as the professional committee to professionally review the risk management reports submitted by the management, ensuring that the management has fulfilled its responsibilities to establish effective risk management and internal control systems. Systems and procedures have been established by the Group to identify, assess, manage and monitor various risks including strategy, financing, market, operation and laws that may have impacts on the Group and each major department. The Company has built an enterprise risk management (“ ERM ”) system with a view to enhancing the risk management and corporate governance practice, and improving the effectiveness and efficiency of internal control systems across the whole Group. The Group has organised and established a risk management group (“ Risk Management Group ”) headed by the Chief Executive Officer, responsible for daily management related to risks of the Group. All of the Group’s subsidiaries have also established risk management team, responsible for risk management of their own. At the same time, the Group has engaged a world-renowned consultant institution as the risk management consultant to assist the Group in building effective risk management overall framework so as to ensure the adequacy of resources, staff qualifications and experience, staff training programmes and relevant budget of the Group’s accounting, internal audit and financial reporting function. The Board believes that a heightened focus on risk and compliance is beneficial for the ongoing development and growth of the Company as well as its staff. In establishing the ERM system, all key functions of the Company were carried out by the Risk Management Group of the Group to undertake the following exercises: 1. Enterprise risk assessment – to identify and prioritise the Group’s key business risks; 2. Enterprise risk response – to assess the related internal controls and risk mitigating measures; 企業風險管理 董事會對風險管理工作的有效性負責，並授權 審計委員會作為專業委員會，專業審核管理層 提交的風險管理報告，確保管理層已履行建立 有效的風險管理及內部監控系統的職責。本集 團已建立系統及程序以識別、評估、管理及監 控各種可能影響本集團及各主要部門的風險， 包括戰略、財務、市場、運營及法律等方面的 風險。 為增強本集團整體的風險管理及企業管治常 規，並提高內部監控系統的有效性及效率，本 公司已建立企業風險管理（「 企業風險管理 」）系 統。 本集團已組建了由總裁擔任組長的風險管理工 作小組（「 風險管理工作小組 」），負責本集團 風險相關的日常管理工作。本集團所有附屬公 司亦成立了風險管理工作團隊，負責各自公司 的風險管理工作。同時，本集團聘請國際知名 諮詢機構擔任風險管理顧問，協助本集團構建 有效的風險管理整體框架，以確保本集團在會 計、內部審核及財務匯報職能方面的資源、員 工資歷及經驗、員工所接受的培訓課程及有關 預算是足夠的。 董事會認為，高度專注於風險及合規情況有利 於本公司及其員工的持續發展及成長。於建立 風險管理系統時，本公司所有關鍵職能由本集 團風險管理工作小組執行，並推行以下舉措： 1. 企業風險評估－識別本集團主要業務風險 並區分優先次序； 2. 企業風險應對－評估相關內部監控及降低 風險的措施；