Background Image
Previous Page  92 / 196 Next Page
Information
Show Menu
Previous Page 92 / 196 Next Page
Page Background

Annual Report 2014

92

• The Internal Audit Department has continuously

improved the quality of internal audit through training

for general audit skills and specialized skills for

computerized inspection system such as the Web

Application Penetration Testing. The training took

74 man-days, including educational on-site visits

and exchanging internal audit experiences with the

Internal Audit Department of the Korea Exchange

(KRX), for six man-days.

• SET requires to have a Quality Assessment Review

(QAR) conducted by external independent appraisers

every five years. The last assessment was done in

2011, with continuous improvement taken into

consideration the suggestions from the assessment,

as well as the self-evaluation implementation.

Based on internal audit activities and implementation

of important projects, the Audit Committee viewed that

SET’s overall internal control system has functioned

adequately and appropriately. (Details are shown in

the Audit Committee report).

(6) Risk management

The BoG emphasizes the importance of systematic

risk management. The BoG is responsible for designating

risk management policies and framework for the

organization and appointing the Risk Management

Committee (RMC). The RMC, comprised of experts in

risk management, advises and makes recommendations

to management to ensure that SET’s risk management

process is in line with specified policies and international

standards. The RMC has to ensure complete coverage

of all enterprise-wide significant risks, consisting of

three levels: 1.Strategic risk 2. Business risk and

3. Process risk, via risk assessment and self-control.

Operationally, the management is responsible for

the risk management and sets up the policy in identifying

risks and assessing the level of risk according to the

defined criteria. The Risk Management Department

coordinates and supports management in the implementation

of risk management processes according to the

set policy. The risk management framework can be

summarized as follows:

• Identify and assess the probability of the risk and

the degree of its impact according to the established

criteria, and set measures to manage the risk at an

acceptable level. Follow up on the implementation

of the risk management plan by the management,

as project owner. Report the risk status which

covers a continuous and comprehensive review

of the adequacy and effectiveness of key risk

management measures to ensure that in case the

risk occurs, it will be managed in a timely manner.

Consider suitable risk management measures

required in preparation for the startup of the new

computerized system for clearing and settlement,

for delivery of new securities, and for the securities

depository system within the equity instruments

market. This system is scheduled to begin operation

in mid-2015, and is currently being tested among

all involved agencies in the industry.

• Establish a Business Continuity Plan (BCP), which

includes annually reviewing and practicing the

implementation of the plan with other agencies

in the capital market to cope with any crisis. SET

recognizes the importance of the readiness of the

staff and the system both in the main building and

the backup centers. SET conducts functional tests

on backup systems together with member companies

to manage any disaster that may affect the main

building. This is to ensure there is continuity in

securities trading. In 2014, SET was successful

in implementing the BCP in actual practice when

SET was able to provide securities trading services

to investors throughout the political crisis. This

demonstrated the readiness and viability of SET’s

BCP at world-class level.

• Monitor and report the status of major risks to the

SET Board of Governors, the Risk Management

Committee, and the Audit Committee on a regular

basis to keep them aware of the risks SET is facing.

• Create a culture that encourages SET executives

and staff to realize the importance of risk management

continuously, such as a training course on integrated

risk management and corporate strategy. This includes

being equipped for the ASEAN Economic Community

1 87 88 89 90 91 92 93 94 95 96 97 98 196  FlippingBook