Risk Management
Risk Management Organization
The Board of Directors serves as the highest decision-making body for risk management, approving policies and frameworks in line with business strategies and environmental changes to ensure effective risk management. In 2023, Accton established a Risk Management Office to assist in coordinating and implementing the risk management framework. This office is responsible for reviewing and controlling the risk assessments and response actions of various plans and projects initiated by each responsible department.
Information Security Management
I. Implementing Information Security Risk Assessments and Enhancing Information Security Management
Accton has implemented a Plan-Do-Check-Act (PDCA) cycle in its information security management system. Additionally, the “Information Security Incident Reporting Procedures” has been integrated into Accton’s internal risk management system. Quarterly management review meetings are held regularly or when material changes occur in the information operations environment. These meetings independently review information security policies, objectives, procedures, and control measures to prevent potential information security threats and improve information security protection levels, thereby maintaining a consistently high level of service commitment.
II. Reducing Information Security Risks and Strengthening Corporate Digital Resilience
Accton established its Information Security Promotion Committee in 2016 and obtained ISO27001:2013 international standard certification. In 2023, Accton completed the verification of the continued effectiveness of its information security policies and controls to ensure the normal operation of the information security management system, thereby reducing information security risks. In 2020, Accton established a dedicated information security management organization, the Information Security Department, responsible for network security issues, activities, and threat intelligence within the Group. The department is tasked with the implementation, planning, monitoring, and management of operations to proactively detect, investigate, and respond to security threats faced by Accton.
Business Continuity Management
Accton has officially obtained the ISO 22301 Business Continuity Management System (BCMS) certification
To enhance Accton’s resilience in facing various operational disruptions, improve response capabilities, and expedite response times, we proactively plan response measures and recovery plans to mitigate the risk of supply chain disruptions. This proactive approach aims to ensure timely responses and rapid recovery in the event of operational interruptions, thereby minimizing the extent of damages and safeguarding the interests of key stakeholders. Since May 2022, Accton has initiated the implementation of the ISO 22301 Business Continuity Management System across various functional departments within the Company. These departments encompass sales, supply chain (procurement, production management, warehousing, import/ export), research and development, manufacturing, quality assurance, information technology, occupational health and safety, finance, facilities/general affairs, human resources, media relations, and legal affairs. Over the course of approximately one year, these units have collaborated to build and integrate the ISO 22301 Business Continuity Management System. Regarding the process of implementing and establishing the ISO 22301 Business Continuity Management System at Accton, please refer to the 2022 Accton Group Corporate Sustainability Report, Section “2.1.5 Business Continuity Management”
Two important long-term emerging risks & Mitigating actions
| Emerging Risk 1 | Emerging Risk 2 | |
|---|---|---|
| Geopolitics | Talent Development | |
| Description | Relentless geopolitical upheavals and the global spread of infectious diseases are occurring repeatedly, disrupting the market operations and global trade order that the industry has been accustomed to for years. | With the rapid advancement of industrial technology and the competition among tech industries to recruit professional talents, it has become an underlying concern for the continuous growth of enterprises. Companies need to continuously recruit various professional talents to accelerate the development of knowledge and skills, ensuring long-term opportunities for innovation and business. |
| Impact | 1. Imbalance between supply and demand in the supply chain & production disruptions 2. The supply and demand of key business alliances and partners change unpredictably with international developments 3. Difficulty in obtaining materials increases shipping costs and related expenses |
1. The rapid advancement of knowledge and technology necessitates that talents quickly enhance their adaptability and professional expertise. 2. Professional skills in new fields are difficult to cultivate. 3. Recruiting professional talents in new fields is challenging. |
| Mitigating actions | 1. Reconfigure the supply chain: Strengthen the overall supply chain resilience and flexibility in response to upstream customer demands 2. Adopt the ‘remote backup’ mechanism and establish multi-country production bases: Accton expands its production bases to reduce risks and enhance the levels of Quality, Cost, and Delivery (QCD) |
1. Develop training and development programs for various types of specialists 2. Enhance employees’ professional skills and cross-departmental management practices |
