Sound risk management is the basis of corporate sustainable development. The concept of a Business Continuity Plan (BCP) was introduced by GIGABYTE in 2023. Threats, vulnerabilities, and risks in business operations are identified and assessed in order to protect operations from disaster and accidental damage. If an incident does occur then the resulting impact and interruption are minimized as well. 11 areas of risk were identified through the risk management process in 2023. Senior executives above the manager level then participated in evaluating the degree of impact on the Company from each risk and their likelihood. A risk matrix was then drawn up based on the results. The appropriate departments were then commissioned to develop a sound risk management method using their professional knowledge and practical experience in related fields.

Emerging Risks

GIGABYTE periodically conducts in-depth assessments of emerging risks, such as information security, supply chain risks, and designated contagious diseases. The potential threats and impacts of emerging risks on the Companyʼs development in the future are also discussed.

• Information security event risk: Risk management is achieved through periodic review of domestic and overseas information security regulations as well as raising employee awareness through drills.
• Supply chain procurement and logistics risk: Suppliers are required to cooperate with a long-term supply policy with rolling demand forecasts. Green logistics has also been implemented through optimization of transportation plans, distributed logistics networks, and hybrid transportation programs. A hub warehouse model is also used to protect against political uncertainty, inflation, labor shortages, and low inventory in order to maintain the flexibility and resilience of the supply chain.
• Designated contagious disease risk: Establish reporting and emergency response mechanisms along with routine internal e-mails, posters, and host health-related seminars to equip employees for self-health management and response.
• Green inflation risk: GIGABYTE has developed and applied green technologies, implemented the Sustainability Fund, and plans to consume renewable energy to address the rising compliance costs of domestic and international environmental policies. Meanwhile, we actively engage suppliers in carbon reduction strategies, offering energy-saving and health inspection counseling, to empower them to realize a low-carbon transition. As GIGABYTE’s upstream scope 3 greenhouse gas emissions are reduced, so will the potential carbon costs of our products.
• Export risks associated with geo-conflicts: The target markets may control cross-border transactions of specific sensitive goods, software, or technologies due to geopolitical conflicts. In response, GIGABYTE has internally used SOA to establish a shipment release mechanism, dual-use item warnings within the shipment system, invoice warnings, and export license requests. An effective proactive control program could reduce the risks of export transportation and reputational damage.

Enhancement of Risk Culture

GIGABYTE attaches great importance to the cultivation of internal corporate risk awareness. We strive to make risk awareness a part of every GIGABYTE employeeʼs work DNA. Risk management training is implemented for all personnel from mid/upper managers to junior employees. For example, emergency incident response drills and first-aid courses are conducted every year. GIGABYTE organizes emergency no-notice evacuation drills every December. Simulated scenarios are used to implement the evacuation of all personnel (including visitors and contractors) and conduct exercises on emergency response and deployment of fire hoses by the firefighting team.