Business Continuity Management
Continuous attention to internal and external potential risks for risk control
To ensure business continuity, AUO continuously monitors and invests in risk control and response preparations for potential external and internal operating risks that may impact the company’s operations. The Business Continuity Plan (BCP) is one element in this effort, which helps, in the event of an incident, to maintain key business operations at acceptable and agreed levels. From 2008 to date, AUO has had a BCP in place and has carried out various drills to respond to fires, earthquakes, chemical spills, infectious diseases, and raw materials supply shortages and has had risk management strategies in place and will continue to develop its BCP response capabilities in different scenarios.
Business Continuity Management
Water shortages
Reduced precipitation, lowered levels of water in water reservoirs, causing fears of production water shortage
Earthquakes
Production line response drills for dealing with damage to production machinery and equipment in the factory caused by earthquakes
Fires
Fire in the server room impacting operations
Infectious diseases
Response drills to announcements of regional outbreaks of infectious diseases
Raw materials supply shortage
A sudden major accident at a raw materials supplier causing a shortage of raw materials supply.
Digital threats
Production machinery encountering a computer virus
Epidemic Quarantine and Business Continuity Response
Au Optronics has accumulated experience in combating SARS, H1N1 and other emerging infectious diseases, and established a complete epidemic prevention and emergency response process. The COVID-19 response was used as an example for case sharing.
Information Security Management Process
Based on the goal of Information Security Policy, the implementation strategies and action plans are established every year. To increase the maturity of information security and protect data security, the "Keep data secure at all times" policy was implemented in 2020 to make sure data protection and security.
Water shortage
AUO monitors the water shortage crises across Taiwan caused by insufficient precipitation and regularly reviews its response measures. We also hold drills whereby our water tanker and production lines are adjusted under various moot water shortage scenarios.
Epidemic Quarantine and Business Continuity Response
Au Optronics has accumulated experience in combating SARS, H1N1 and other emerging infectious diseases, and established a complete epidemic prevention and emergency response process. The COVID-19 response was used as an example for case sharing.
Resistance to disease
- Establish a Business Continuity Plan (BCP) to uniformly dispatch epidemic information and response actions from factories and abroad.
- The global operations continuous response command system is led by the chairman and CEO, and the level 1 executives including business, manufacturing, supply chain, HR, IT, finance, etc. are in charge, and the relevant working group is established to implement the relevant response decisions.
- In accordance with the company's "epidemic prevention classification and Contingency measures", all factories and offices around the world immediately carry out preventive measures such as staff health education and epidemic prevention promotion, travel control, self-health return, temperature measurement, visitor management, meal guidance, etc., in order to improve the internal epidemic prevention energy of the company.
- Planning staff division/time-sharing/home-working plan, carrying out advance staff division and exercise from staff grouping, workplace adjustment, IT information system backup, etc., so as to facilitate the immediate start of the outbreak, protect staff health and avoid the impact on the company operation.
- The severity and breadth of the COVID-19 outbreak is completely different from previous emergencies. Seek assistance from external medical and public health experts and professional consultants to strengthen the response to the epidemic.
- Proactively communicate with customers and let them know the progress of the company's preparedness and supply.
- Provide AUO Epidemic Preparedness Manual for supply chain reference and work with supply chain manufacturers to resume work early.
BCP Emergency Response Organization
Epidemic response
| Development | Level 0 | Level 1 | Level 2 | Level 3 |
|---|---|---|---|---|
| Operating impact index | Person-to-person transmission has occurred | Human-to-human transmission in Taiwan | Domestic community infection | National pandemic |
| guidelines | Preparation/ monitoring | Start the control | Emergency response Preparedness | Emergency response Activated |
| state | Established the "Global Operations Continuous Response Command Center" We have weekly contingency meetings, based on international information a and intelligence provided by the Taiwan Epidemic Center for dynamic management |
Taiwan: Prepare in advance with on-site exercises Overseas: Emergency response and inter-regional support |
||
| area | Taiwan 8 Major Responses (EmployeesㆍPublic facilitiesㆍ Communications、 Data O&M、TransportFinanceㆍPartnership) | Oversea | ||
|
Internal support: Employees: Ensure personnel health and availability |
Employee care, stay calm(CEO letter, psychological counseling(EAP)) Inventory supplies and international support(Ship masks from overseas) Track progress on return to work and hiring management (online recruitment) Manpower distribution and adjustment of business travel (use registry for regular tracking of inter-regional movements) Supplier tracking and contractor support (quarantine resourcesharing manual) |
|||
| Major action plan | Conduct global inventory of supplies Launch health education Real-time information monitoring and unified announcement Upgrade IT resources Visitor restriction management Adjustments to leave,attendance,business travel,holidays and international SOS |
Daily health monitoring and control plant access (measure body temperature/wear mask/report contact history Prepare for quarantine operations, strengthen movement tracking (CCTV photo,registration for events) |
Risk control + Trial "Zoned Attendance" (based on lines of movement and organiza ational level/proxy mechanism Quara antine response + Trial "Work from Home" (based on type of business/IT configuration) |
|
|
Consolidate external operations O&M:Reduce impact on production |
||||
| Major action plan | Media information review ctivate external expert consultants Set up dedicated financial accounts statements for external accounts |
Assess the dynamic impacts on business, adjust production line configuration and shipments Verify transportation bottlenecks and future proposals Cash flow management Response to customer/ external epidemic Track supplier inventories and impact of epidemic Evaluate the hosting of external AUO events and supporting quarantine measures |
Track production manpower, local regulations, and return to work status 2nd Source/Backup solution for transportation and supply |
|
Photos of the epidemic response
Internal training plum seat
Distance to recruit
APP
Information Security Management Process
Based on the goal of Information Security Policy, the implementation strategies and action plans are established every year. To increase the maturity of information security and protect data security, the "Keep data secure at all times" policy was implemented in 2020 to make sure data protection and security.
Execution Strategy & Action plan
Information Security Risk Assessments
AUO conduct information security risk assessments every year according to the Information Security Policy. The internal and external information security topics are also considered in terms of probability of occurrence, degree of impact, degree of impact scale to obtain the quantitative score for the degree of risk.
Assessment items
- System Architecture
- System Change Management
- Project and Resource Management
- Asset and Physical Environment Management
- Software/Hardware Licensing and Compliance
