Risk Management

Risk Management

Risk Governance


The Company's risk management is led by the Board of Directors as the highest governing authority. In 2024, the "Sustainability and ERM Committee" was established to assess the operation of risk management, determine qualitative and quantitative risk tolerances, and allocate resources effectively. The "Sustainability and ERM Executive Committee" covers aspects such as strategy, finance, operations, and hazards, as well as emerging risks that may impact the Company's operations in the future. The Risk Management Department is responsible for overseeing and reviewing the effectiveness of risk management. The results of risk management activities and risk reviews are reported to the Board of Directors at least once a year.

Risk Management Policy


The Company follows international risk management guidelines to establish the 'Risk Management Policy and Procedures' as the highest guiding principle for risk management. We strengthen and enhance the internal system architecture, and promote the resilience of our sustainable business operations.

Risk Management Policy & Procedures

Risk management framework


Establish systemic risk response policies and procedures to control corporate risks effectively.


The three lines model in risk management


Mechanisms for Managing Risk Exposure

  1. Risk Analysis: Analyzing internal and external risk-related reports and information, such as the annual report of the World Economic Forum, global trend research, as well as corporate business objectives, past risk issues and incident experiences, each unit is requested to identify the risk exposure related to corporate operations. The content covers strategy, finance, operations, and hazards, evaluating the frequency of occurrence, impact level, and control level, conducting qualitative and quantitative risk assessments, and regularly reviewing risk exposure and control measures at the Sustainability and ERM Executive Committee to achieve effective risk management operation.
  2. Execution Frequency:
  • Q1 : Conduct annual risk identification.
  • Q2 – Q4 : Review risk exposures every quarter and adjust risk control measures.

Internal audit of risk management

To ensure the effective implementation and continuous improvement of the company's risk management, the risk management department is responsible for the company's internal risk auditing work. The audit results are regularly reported to the Board of Directors and the Sustainability and Committee, providing a reference for formulating the risk management strategy.

Learn More

Business Continuity Plan

To realize the goal of business continuity, AUO is continuing to monitor potential risks that have an impact on company operations and invest resources towards controlling and countering such risks. The Business Continuity Plan (BCP) is a part of management activities and it can help with maintaining an acceptable standard of critical business activities when something happens to the Company. Since BCP was introduced by AUO in 2008, the Company has completed exercises for fire, earthquake, chemical spills, epidemics and raw material shortages. Corresponding risk management strategies were also developed.

Learn More
Go Beyond CSR,
Create Shared Values