Annual Report 2025

舜宇光學科技（集團）有限公司 • 2025 年報 103 Corporate Governance Report 企業管治報告 Responsibilities of the organizational governance body: being responsible for establishing and maintaining an effective governance structure and processes to ensure alignment between the organization’s objectives and the core interests of stakeholders. It authorizes and provides resources to management while overseeing its compliance and ethical conduct. Furthermore, it establishes an independent internal audit function to obtain reliable assurance regarding the achievement of the organization’s objectives. Management and first-line and second-line functions: management is accountable for achieving the organization’s objectives, encompassing both first-line and second-line functions. The first-line directly engages with customers to deliver products and services and manages associated risks. The second-line specializes in assisting with risk management, providing expertise, support, and oversight on risk- related matters, and offering constructive challenge. Third-line function: the function of the audit and supervision department is to provide independent and objective assurance and consulting on the adequacy and effectiveness of organizational governance and risk management through a systematic and disciplined approach. Its audit results are reported to management and the governance body. In its assessments, it considers other internal and external assurance information to drive continuous improvement within the organization. Based on industry best practices in risk management (such as COSO-ERM, ISO 31000, and the Guidelines for Comprehensive Risk Management of Central Enterprises), and taking into account the Group’s actual circumstances, the Group has established a fundamental risk management process encompassing the following six stages: 持續的過程 Continuous Processes 1.Goal Setting 目標設定 2.Risk Identification 風險識別 3.Risk Assessment 風險評估 4.Risk Response 風險應對 5.Control Activity 控制活動 6.Monitoring 監控 組織治理機構的職責：負責建立並維護有效的 治理結構與流程，確保組織目標與利益相關方 核心利益一致、它向管理層授權並提供資源， 同時監督其合規與道德行為，並設立獨立的內 部審計部門，以獲取對其目標實現過程的可靠 確認。 管理層與第一、第二線職能：管理層承擔實現 組織目標的責任，涵蓋第一線和第二線職能。 第一線直接面向客戶提供產品與服務，管理風 險。第二線專門協助進行風險管理，為風險相 關事務提供專業知識、支撐和監督，並提供合 理質疑。 第三線職能：審計監察部的職能是通過系統化 和專業化的方法，對組織治理和風險管理的適 儅性與有效性提供獨立且客觀的確認與諮詢。 其審計結果需要報告給管理層和治理機構，並 在評估時綜合考慮其他內外部保證信息，以推 動組織持續改進。 根據行業風險管理最佳實踐（如 COSO-ERM 、 ISO 31000 及《中央企業全面風險管理指引》 等），並結合本集團實際情況，本集團制定了涵 蓋以下六個階段的風險管理基本流程：