result will finally be used to analyze and plan GRC execution to be more efficient. Furthermore, the Company regularly communicates GRC through GRC Newsletter. The GRC awareness is regular emphasized from top management to employees (Tone at the top) in the CEO townhall. In 2021, GC increased communication channel via Chatbot “NongTemJai” which can provide GRC information all the time and launched Integrated GRC Course in e-Learning platform “UP” to enhance and increase awareness and understanding of GRC to all executives and employees. the mitigation plans are developed accordingly. Risk factors and mitigation plans are reviewed and monitored regularly to assure short-term and long-term GC’s goals. GC develops Key Risk Indicators (KRI) linked with Key Performance Indicator (KPI) to evaluate short-term and long-term the Company’s goals and monitor changes in risk factors and efficiently manage risk in timely manner. In 2021, GC revised Risk Matrix to enhance the efficiency of the risk prioritization, as well as revised the likelihood and impact evaluation criteria for risk assessment in 2022. GC annually tests the robustness of Business Continuity plan (BCP) in business unit level and corporate level by simulating events that could disrupt business operations and affect business continuity to assure that GC is well prepared to cope with such crises effectively. The BCP plan is continuously improved from the lesson learn before the incident occurs. In 2021, GC tested the robustness of BCP in corporate level by simulating 2 events- “Hazard Chemicals Leak and Fire” and “Cyber Attack Operating System” together with relevant operations and support functions. Detailed are described under Risk Management part. 3. CONTROL ACTIVITIES GC have defined control activities to mitigate risks of not achieving the Company’s goals and ensure that the residual risks are at acceptable level. These include: The designed control activities align with internal control principles, such as segregation of duties, check and balance system, conflict-of-interest declaration. To ensure that the business is operated in a transparent, fair, and auditable manner for utmost benefit to the organization. Rules, regulations, policies, and procedures are in place with clear boundaries of authorization to limit the power and authority of the CEO, executives, and other employees. Furthermore, operations are reviewed regularly to ensure compliance with rules, regulations, policies, and procedures. 2. RISK ASSESSMENT The Board of Directors and executives emphasize on risk management to ensure the achievement in both short-term and long-term goals. The Risk Management Committee is appointed by the Board of Directors, along with the Enterprise Risk Management Committee and taskforces are appointed by the CEO to manage business risk and specific issues. This structure is appropriated, allowing the Company to have flexibility and ensure efficiency and effectiveness. GC announces Risk Management policy and implements the Integrated Enterprise Risk Management systematically and continuously throughout the organization according to the international risk management framework and guidelines. The risk assessment is conducted in various aspects, including current business-related risk factors, future business-related risk factors, emerging risk factors, and the potential for fraud and corruption, thus FOR ALL EXECUTIVES AND EMPLOYEES IN GC GROUP SELF-LEARNING INTEGRATED GRC COURSE VIA E-LEARNING PLATFORM “UP” AWARENESS RAISING GRC UNDERSTANDING ENHANCEMENT 200 PTT GLOBAL CHEMICAL PUBLIC COMPANY LIMITED Form 56-1 One Report 2021
RkJQdWJsaXNoZXIy ODg4NTI=