1 102 Table of Contents 104 336

Annual Report 2025

舜宇光學科技(集團)有限公司 • 2025 年報 101 Corporate Governance Report 企業管治報告 Normalized risk management • Reviewed the adequacy and effectiveness of the Group’s risk management system, and reviewed significant risks and emerging risks with department heads; • Expanded the coverage of the risk management pre-warning data system integration; • Monitored the operating results of the KRI every month and gave a timely warning on the abnormal indicator results; • Monitored precautionary results of KRI every month, analyzed abnormal causes, formulated improvement plans, and integrated response plan management for daily risks; • Monitored the implementation of the risk response measures every month and progress of the year-end targets and revised the response plan and the contents in the risk checklist in a timely manner; • Conducted internal control review of key business processes of each business segment and department; • Improved risk management in the integration and implementation across systems; • Optimized the risk management system and overall objectives, and balanced business development and risk management; • Centralized resources on business activities with relatively high risks, invested in personnel and resources and optimized the process for key risks in each business segment and department; • The i n t e r na l aud i t depa r tmen t i ndependen t l y r e v i ewed the adequacy and effectiveness of the risk management system construction and submitted the review results and recommendations on improvement to the Audit Committee; • Collected the major risk events from each business segment and department every month and formed a risk register; • Strengthened the closed-loop management of the risk register and risk indicators; 風險管理常態化 • 檢討本集團風險管理系統是否足夠和有效 並與部門主管檢討重大風險及新興風險; • 擴大風險管理預警數據系統集成的覆蓋範 圍; • 每月監控 KRI 運行結果,並對指標異常結果 進行及時預警; • 每月監控 KRI 預警結果,分析異常原因,制 定改善計劃,並聯動日常風險應對計劃管 理; • 每月監控風險應對措施及年底目標達成落 實情況,並及時修訂應對計劃及風險清單 各項內容; • 各事業分部和部門重點業務流程內控審 閱; • 完善風險管理在跨體系間融合落地; • 優化風險管理體系及總體目標,平衡業務 發展與風險管理; • 各事業分部和部門集中資源應對風險相對 較高的業務活動,針對重點風險進行人員 投入、資源投入以及流程優化; • 內部審計部獨立審閱風險管理體系建設的 充足性及有效性,把審閱結果及改善建議 提交到審核委員會; • 每月收集各事業分部和部門重要風險事 件,形成風險事件庫; • 強化風險事件庫及風險指標閉環管理;

RkJQdWJsaXNoZXIy NTk2Nzg=