Risk Management
Policy and Commitment Csun’s board of directors serves as the highest governing body for risk management, ensuring the company’s stable operations and sustainable development. Through the Sustainability Committee, external risks are systematically managed and evaluated to reduce potential impacts on the company’s finances, reputation, and production. The committee reports annually to the board of directors on its activities.
Main Risk Items and Response Strategies
Financial Risks:
-
- Regularly assess risks related to market conditions, exchange rates, and liquidity, and implement hedging strategies to mitigate adverse effects.
- Carefully evaluate investment decisions to avoid high-risk investments.
- Strengthen cash management to ensure the stability of the company’s cash flow.
-
Climate Change Risks:
- Conduct regular climate risk assessments following the TCFD framework and promote energy-saving and carbon-reduction measures.
- Reduce carbon emissions at factories and enhance the development of low-carbon products.
-
Human Resource Risks:
- Provide attractive compensation and career development opportunities to enhance employee loyalty.
- Cultivate internal talent and strengthen the training system to improve employee quality.
-
Information Security Risks:
- Establish information security policies to protect company and customer data.
- Continue employee cybersecurity education and promote incident reporting and response plans.
2023 Performance
- Climate change risk management was strengthened, and greenhouse gas inventories were gradually expanded.
- In terms of information security management, the company increased investments in antivirus software and network firewalls and conducted multiple internal cybersecurity drills, enhancing the company’s security protection capabilities.
Information Security Management
Policy and Commitment Csun continues to improve information security and promotes the concept of “Information Security is Everyone’s Responsibility.” Through clear information security policies and governance processes, the company ensures confidentiality, integrity, and availability when processing data, guaranteeing data security throughout the handling process.
Action Plan
- Conduct social engineering drills and employee information security training to raise awareness across the entire workforce.
- Host an annual “Information Security Month,” which includes phishing email drills and related quizzes.
2023 Performance
- Invested NT$4.75 million in cybersecurity protection software, internal traffic monitoring mechanisms, and antivirus systems.
- Held 12 monthly cybersecurity awareness meetings in 2023, significantly improving security protection levels both inside and outside the company.