Tradelink 2018 Annual Report

Corporate Governance Report (Continued) 企業管治報告書 （續） Tradelink Electronic Commerce Limited Annual Report 2018 38 (3) 風險管理及內部監控（續） 本集團所採用的風險管理系統框架乃參照 ISO31000 國際標準中概述的原則及程序設 計。適當風險管理活動已納入業務規劃、 項目管理、合約管理、業務營運及組織程 序。風險管理程序涉及的六個步驟為： 1. 確立範圍、背景及標準 2. 風險評估（風險識別、風險分析、風 險評價） 3. 風險處理 4. 監察及檢討 5. 記錄及匯報 6. 溝通與諮詢 我們的風險管理程序及風險管理框架可以 圖表顯示如下： 風險管理程序 ISO31000:2018 (3) Risk Management & Internal Controls (Continued) The risk management system framework adopted by the Group was designed by reference to the principles and process outlined in the international standard of ISO31000. Appropriate risk management activities were embedded into business planning, project management, contract management, business operations and organisational procedures. The six steps involved in the risk management process are: 1. Establish the scope, context and criteria 2. Risk assessment (Risk identification, risk analysis, risk evaluation) 3. Risk treatment 4. Monitoring and review 5. Recording and reporting 6. Communication and consultation Our risk management process and risk management framework can be represented diagrammatically as follows: Risk Management Process ISO31000:2018 Communication & Consultation 溝通與諮詢 Monitoring & Review 監察及檢討 Scope, Context, Criteria 範圍、背景、標準 Risk Assessment 風險評估 Risk Treatment 風險處理 Recording & Reporting 記錄及匯報 Risk Identification 風險識別 Risk Analysis Risk Evaluation 風險分析 風險評價