Annual Report 2019

舜宇光學科技（集團）有限公司 • 2019 年報 81 Corporate Governance Report 企業管治報告 Group’s major risks 本集團主要風險 Key control and treatment plan(s) 主要控制及處理方案 Target risk trend 目標風險趨向 Customer Credit Risks: 客戶信用風險： – The unreasonable design of the customer credit management policy and the failure to implement the credit policy may result in the Company risk for bad debt losses and impaired economic interest. － 客戶信用管理政策設計不合理、信用政策執行不到 位，可能導致本公司產生壞賬損失風險，使本公司 經濟利益受損。 – Improving the credit management system, regularly reviewing the credit assessment of customers, and adjusting the credit limit; － 完善客戶信用管理制度，並定期對客戶進行信用評 估並調整信用額度； – Conducting risk customer screening management when choosing new customers, and tighter management on business terms and conditions for high-risk customers in the early stage; － 新客戶選擇時進行風險客戶篩選管理，高風險客戶 前期進行商務條件條款加嚴管理； – Participating in accounts receivable insurance to reduce bad debt losses; and － 參加應收賬款保險，減少壞賬損失；及 – Strengthening the supervision and management of risk indicators, early warning the trend in credit change and analyzing reasons for trend change. － 加大風險指標監控與管理，提前預警信用變動趨 勢，並分析趨勢變動原因。 Information System and Information Security Management Risk: 信息系統與信息安全管理風險： – Lack of and unreasonable planning of the information system and unfulfilled construction of information security management system might fail to support the business operations effectively, resulting in inefficient management for the Company. － 信息系統缺乏或規劃不合理，信息安全管理體系建 設不到位，以致未能有效支撐業務運營，可能造成 本公司經營管理效率低下。 – Establishing an information security management system, continuously improving the information system management system, and the information security control measures; － 建立信息安全管理體系，持續完善信息系統管理制 度，並不斷完善信息安全控制措施； – Strengthening the physical security of enterprise data centers, developing information system/data backup and information system disaster recovery plans, standardizing personnel operations to ensure continuity in the information system business; and － 加強企業數據中心的物理安全，制定信息系統╱數 據備份與信息系統災難恢復計劃，規範人員操作， 確保信息系統業務連續性；及 – Strengthening protective measures on internal and external network security and abilities to prevent viruses to protect information security and business systems security of the Company. － 加強內外部網絡安全防護措施及病毒防禦能力，保 障本公司信息安全與業務系統安全。