Risk Management

Organization of Risk Management

The Organization of Risk Management at CSC includes the Board of Directors, the Corporate Governance and Sustainability Committee, the Business Execution Units, and the Internal Auditing (IA). We adopt a comprehensive risk control approach involving all employees, rather than being managed by a single department. The risk management functions are divided into three lines:

The first line is the Business Execution Units (first echelon at plants/departments), which are responsible for the initial identification, assessment, and control of risks. They assess the risk levels and corresponding measures, which are then reviewed by the management level and submitted to the Risk Management Team for consolidation.

The second line is the Corporate Governance and Sustainability Committee, which primarily assists the Board of Directors in executing its risk management responsibilities. This committee reviews various risk management issues proposed by the Risk Management Team and reports to the Board of Directors regularly.

The third line is the Internal Auditing (IA), which is under the Board of Directors. It independently and objectively inspects and reviews the first two lines of defense and tracks the progress of deficiency improvements. The Audit Office reports regularly to the Board of Directors and independent directors to maintain the effective and appropriate operation of the internal control system.