Presently, business operation has complications and has changed from the past, as a result of new technology development which has affected human behavior and their living. Although, these changes currently have no direct impacts on the business's operations, there are possibilities the emerging risks may have a significant impact in the future.

GC, therefore, emphasizes on a systematic risk management for the entire organization while continuously improving the agility of the business. GC also continues to provide many training programs regarding risk management to raise the awareness and improve personal development for the executives and all employees. These are to assure that the company will be able to handle uncertainties effectively and achieve the operational strategy.

Risk Management and Internal Process

GC has developed an Enterprise Risk Management according to the international standard of the Committee of Sponsoring Organizations of the Treadway Commission (COSO), the International Organization for Standardization's ISO 31000, as well as, the corporate governance principles for businesses registered in 2017 (CG Code 2017) and anti-corruption guidelines.

GC has set up a risk management framework and guidelines in order to systematically, efficiently and effectively management risks throughout the organization. Additionally, GC has also established a risk management monitoring and performance evaluation system to detect any potential emerging risks, which may arise.

Nevertheless, GC has integrated the risk management in the organization under 3 aspects of Governance, Risk Management and Internal Control and Compliance under one system called GRC. This allows GC to reduce the risks in more comprehensive manner and allows GC to achieve any goals and targets more efficiently.

Risk Management Process

The risk management process comprises of three steps, which are 1.) Risk Identification & Assessment, 2.) Risk Treatment/ Mitigation and 3.) Monitoring & Review. GC would determine the responsible party to conduct risk assessment and mitigation plans in a appropriate manners as well as monitor and review the results at all levels of each functions, subsidiaries, business units and corporate levels.