Risk Management System Protocol

HOME > Sustainabillty > Risk Management > Risk Management System Protocol

Risk Management Protocol is the ultimate criteria of risk management work, and it is updated on a regular basis according to changes in risk management strategy/philosophy and policies (as per the requirements of ISO 31000)

Risk Management defines the configuration and overview of contents
Contents Overview Remark
Chapter 1. General Provision 1.Purpose Outline the purpose of risk management by division  
2. Definition Outline the definition of terminology in the protocol and instruction.  
3. Objective Outline the targets for risk management by division Continuous support to achieve the business goals by managing risks that would hinder their being achieved
4. Basic Principle Outline the principles of risk management by division The company, its independence and management efficiency should all be taken into consideration.
5. Scope Target risks  
6. Priority The highest ground rule of risk management It has priority when it conflicts with other protocols (this is limited only to the area of risk management)
Chapter 2. Risk Management Structure Outline the main responsibility of Risk Management Committee, the director in charge of risk management, Working-Level Risk Management Committee, Overall Risk Management Dept. and the relevant departments Outline in the instruction the detailed responsibility of risk management process by phase.
Chapter 3. Risk Management Procedure Define the work procedures from the annual risk management planning phase to the year-round monitoring Establishment of a risk management plan, identification of risks and the risk indicatorsíŠ Evaluation íŠ response íŠ monitoring and reporting
Chapter 4. Crisis Management Procedure Define a work procedure in case of emergency Identify the signs of a crisis -> respond to crisis -> follow-up control
Chapter 5. Others Define the work instruction Specify the details of the protocol in 'Risk Management Instruction' and 'Instruction by Key Risk'.

Definition of Roles in Risk Management Protocol

Define the regulatory role of risk management
Risk Management Organization Structure and Operation Main Role
Risk Management Committee
  • Chairman: CEO President
  • Commissioner: 8 persons including one from Strategy Planning Div. (Business Affairs depts.. 2, Division 4, HQ 2)
  • Frequency
    • Regular (semi-annual)
    • Irregular (in the event of key agenda) : held by chairman)
  • Deliberate and approve risk management policy and strategy
  • Deliberate and approve key agenda including results of risk management
  • Adjust any conflict/dispute of interest between risk management and other functions of the organization
  • Deliberate and approve the limit of risk
Director in Charge of Risk Management
  • Head of the current Strategy Planning Division(CFO)
  • The ultimate responsibility for overall risk management
    • It applies only to POSCO (separate person in charge for Family companies)
Working-Level Risk Management Committee
  • Chairman : Overall Risk Management Dept. Person in charge (Head of the currentBusiness Checkup Dept.)
  • Commissioner : Group leader of relevant depts
    • Administrator : Team leader of Business Affairs dept.
  • Consult and establish detailed execution plan for each risk management factor
  • Divide and adjust risk management work by department Committee,
  • Consult and decide matters related to risk commented by Business affair depts./ relevantdepts.
Overall Risk Management Dept.
  • The current Business Checkup Dept.
  • Support and report to Risk Management Committee
  • Overall work on key risk management (new, renew)
  • Maintain and complement the risk management system
  • Develop and operate risk management training and change management program
Relevant Depts. -
  • Implement risk management and procedures including sectorial risk identification, evaluation and response
  • Monitor and report on any risk agenda

POSCO SNS