Home / INVESTOR / Risk Management

Risk Management


Risk Management

In response to global political and economic development trends and changes, EOI formulated the "Risk Management Policy", which was approved by the Board of Directors on December 23, 2020, as the highest guiding principle for the Company's risk management.

According to the four aspects of environment, society, economy (including corporate governance) and others (including information security), with a complete risk management organizational structure and practical promotion methods, we can grasp the relevant risks that may affect the sustainable development of enterprises.

Through the identification, assessment, control, supervision and communication of potential risks, and qualitative or quantitative management methods, the various risks faced by the Group's operations are reduced to a tolerable and controllable range, and serving as a reference for the formulation of business strategies to reasonably ensure the achievement of the Company's strategic objectives. This policy is specially formulated for the above purpose.

Risk Management Organizational Structure


The President serves as the top risk management supervisor of the Company, and the senior executives, functional unit supervisors and business contractors serve as the first-line risk management personnel to detect, identify, evaluate and formulate relevant countermeasures for various risks, and review and supervise at operational meetings. For different risks, the President also sets up relevant response teams according to different events, and assigns different responsible supervisors to coordinate the response. In addition, for the internal control system, the audit unit is responsible for auditing the implementation situation.

Risk management operation

Operational situation File download Date
The Board of Directors approved the formulation of the Company's "Group Risk Management Policy". 2020/12/23
  • Hosted by the company's top risk management supervisor - the general manager, senior supervisors, responsible personnel (functional department supervisors) and business contractors will participate in the meeting to collect major risk issues that are self-assessed by each department.
  • The total number of trainees was 41.
2021/10
  • After each functional unit identifies the risk factors it may face, it formulates appropriate measurement methods as the basis for risk management.
  • Risk assessment includes the analysis and measurement of risks. Through the analysis of the possibility of risk events and the degree of negative impact in the event of occurrence, the impact of risks on the company is assessed as the priority and response measures for the subsequent formulation of risk control. selected reference.
2021/10
In the company's "Corporate Governance and Sustainable Development Committee" and "Audit Committee", report on the annual plan and operation of risk management. 2021/11
The general manager reports the operation of risk management to the board of directors and proposes response measures. 2021/11/4
Conference theme: EOI business opportunities and risks this year and in the future (participants: senior executives and relevant executives).
Number of participants: 25 people. 		2022/3/30
The general manager reports the operation of risk management to the board of directors and proposes response measures. 2022/5/5
Hold a risk management meeting for the second quarter of 2022. Conference theme: Risk Management Implementation Progress Report (Participants: Senior Executives).
Number of participants: 14 people.

 2022/6/29
The general manager reports the operation of risk management to the board of directors and proposes response measures. 2022/8/4
Hold a risk management meeting for the third quarter of 2022. Conference theme: Risk Management Implementation Progress Report (Participants: Senior Executives).
Number of participants: 14 people. 		2022/10/24
The general manager reports the operation of risk management to the board of directors and proposes response measures. 2022/11/3
The risk management meeting for the third quarter of 2023 will be held. Meeting topic: Risk management implementation progress report (Participants: senior executives).
Number of participants: 15 people.

 2023/10/24
The general manager reports the operation status and response measures of risk management to the audit committee, and the audit committee supervises the company's existing or potential risks and provides improvement suggestions.
2023/11/06
The general manager reports the operation status and response measures of risk management to the board of directors, and the board of directors supervises and provides improvement suggestions.
2023/11/06
Convene the third quarter risk management meeting of 2024. Meeting topic: Risk management implementation progress report (Participants: Senior managers).
Number of participants: 15 people.
 2024/11/13
The general manager reports the operation status and response measures of risk management to the audit committee, and the audit committee supervises the company's existing or potential risks and provides improvement suggestions.
2024/11/14
The general manager reports the operation status and response measures of risk management to the board of directors, and the board of directors supervises and provides improvement suggestions.
2024/11/14
The Q1 2025 Risk Management Meeting was convened. Meeting topic: Progress report on risk management execution (Participants: Senior management).
Number of participants: 14

 2025/5/2
The President reported the operation and response measures of risk management to the Audit and Risk Management Committee, and the committee members supervised existing or potential risks of the company and provided suggestions for improvement.
2025/5/8
The President reported the operation and response measures of risk management to the Board of Directors, and the Board provided supervision and suggestions for improvement.
2025/5/8


Risk Management Process

The Company's risk management process includes risk topic identification, risk assessment, risk control, risk reporting and disclosure, and risk disclosure response, and is continuously managed through the PDCA (Plan, Do, Check, Act) cycle process.

Risk Scope and Issue Identification

According to the principle of materiality, EOI divides risks into 8 categories according to the four aspects of environment, society, economy (including corporate governance) and others.

Risk Matrix

According to the risk matrix of the impact possibility and impact degree of various risk projects of the department, the main risk issues are evaluated, and the key risk projects are identified, so that the Company can take further countermeasures. And through the PDCA management cycle operation, continue to effectively improve and master various risk factors in order to reduce the probability and degree of damage caused by risks.
Since 2021, EOI has held a risk management response meeting at least once a year and submitted a report to the board of directors, so that the board of directors can fully guide and supervise the Company's strategy, major business and risk management responsibilities, and meet the requirements of corporate governance so as to reduce and avoid any possible operational risks.

Information security enforcement

1. Continuously require that information security training is included as a mandatory course in onboarding education for new employees.
2. In 2024, personnel involved in information security attended a total of 18 hours of external information security training and workshops.
3. Throughout 2024, continued efforts to strengthen information security awareness were carried out, with quarterly implementations and company-wide information security education sessions.
4. Conducted two social engineering exercises in 2024.
5. Achieved the 2024 targets by executing emergency response drills for the information environment and conducting social engineering security exercises.
6. The implementation of ISO 27001:2022 is currently in progress.