Go to Corporate Site
EN TH
Menu
Risk Management and Internal Control

Risk Management and Internal Control

Importance and Mission

Risk Management

Risk Management Structure

Risk management is under the supervision of the Board of Directors, with oversight by the Corporate Governance and Risk Management Committee, which consists of five Company directors and executives, chaired by an Independent Director. The Company has defined the roles and responsibilities of the Corporate Governance and Risk Management Committee, as presented in the section on SPI’s Sustainable Development Structure.

Risk Management Policy

Risk Management

The Company places great importance on risk management and has established plans to prepare for and respond to potential risks that may impact business operations. This approach ensures adaptability to the rapidly changing global landscape and promotes sustainable organizational growth by minimizing risks and negative impacts while simultaneously creating business opportunities. To enhance risk management effectiveness, the Company has adopted the Enterprise Risk Management Framework (COSO-ERM) developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Enterprise Risk Management Framework

Corporate Governance and Organizational Culture

The Board of Directors and subcommittees are responsible for establishing policies and guidelines for managing enterprise-level risks, setting strategies, targets, and corporate values, including ESG - related risks.

Corporate Strategy and Objectives

The management analyzes the business context, determines risk tolerance, approaches and evaluates risks by setting objectives, which are reviewed and approved by the Board of Directors.

Performance Target

The management considers the response and overall organizational risk to present to the Risk Management Committee and the Board of Directors.

Review and Improvement

The management assesses occurring changes and improves and develops the enterprise risk management system annually.

Communication and Reporting

Corporate Governance Working Team conducts regular performance reporting to the the Governance and Risk Management Committee, including annual disclosure of performance results through the sustainability.

Risk factors that may impact strategy, operations, finance, and compliance with relevant regulations. These risks are categorized into nine key areas

  1. Strategic Risk
  2. Operation Risk
  3. Financial Risk
  4. Regulation Risk
  5. Corruption Risk
  6. Data Privacy and Cyber Security Risk
  7. Human Right Risks
  8. ESG Risk
  9. Emerging Risk

Internal Control

Internal Control Management Structure

The Company has established an internal control system by structuring responsibilities to oversee and monitor internal audits within the organization through the Audit Committee, along with establishing an Internal Audit Department.

The Company’s Internal Audit Department has the responsibility to conduct internal audits independently and present directly to the Audit Committee while also supporting the committee’s responsibilities to operate the system efficiently. In 2024, the Internal Audit Department assessed the adequacy of the internal control system, covering five key components consisting of internal control, risk assessment, operational control, information and Saha Pathana Inter-Holding Public Company Limited 42 Sustainability Report 2024 communication systems, and monitoring systems. Additionally, the Internal Audit Department reported results of the adequacy assessment to the Audit Committee that the Company’s operations aligned with normal business practices, with no significant irregularities, and compliance with relevant laws and regulations was maintained.

Components of the Internal Control System

Components of the Internal Control System
Click to Enlarge

Supporting the SDGs

Peace, Justice and Strong Institutions

Partnerships for the Goals

Stakeholders Directly Impacted

Employee/ Executive
  • Supervise risk management and internal control operations to ensure effectiveness.
  • Be responsible for implementing operations in accordance with the established risk management framework.
  • Perform duties in line with defined standards and guidelines to minimize operational risks.
Shareholders

Review and provide recommendations regarding the organization’s risk management practices.

Government Sectors

Monitor and evaluate the performance of risk management and internal control activities.

Related Documents

Risk Management Policy