SMIC created a risk library that included risks from five categories: strategic, financial, market, operation, and compliance. The diagram below provides some samples for further clarification on the types of issues evaluated.

Managing SMIC’s complex overall risk landscape are the Risk Management Committee (RMC) and the Risk Management Communication Committee (RMCC), with support from the Risk Management Office (RMO). The chairman of the RMC regularly reports to the head of the Audit Committee of the Board of Directors. The duties of the RMC and RMCC are as follows:

 

RMC:
● Keeps a close eye on the uncertainties in the company’s internal and external environment and assesses their potential impact on stakeholders
● Takes a dynamic approach to identify major risks, develops targeted response strategies, and guides the RMCC to carry out risk management activities to achieve effective control of risks

 

RMCC:
● Conducts annual risk assessments, updates potentially significant risks, improves the corporate risk database
● Makes timely adjustments in response strategies

To ensure business resiliency, SMIC has set in place a management system for business continuation in the face of crisis. SMIC makes preparations against potential disruptions based on analysis of internal and external risks in order to minimize the likelihood of their occurrence and/or their impact. When an incident occurs, the company will follow pre-planned responses and will also maintain open communication with all stakeholders. These recovery plans are documented, reviewed (using a multidisciplinary team), updated as needed, and periodically tested. Together these actions ensure production is minimally affected and fully restored as soon as possible.