Governance Report 管治報告 The Education University of Hong Kong Annual Report 2021-2022 56 The five principal risks, mitigation plans and relevant risk treatment activities identified as of this financial year are illustrated as follows: 以下詳述本財政年度內獲識別的五個主要風險類別、相關的減低風險計劃及風險管理行動: Risk Themes 風險類別 Risk Statements 風險陳述 Mitigation Plans 減低風險計劃 Risk Treatment 風險管理 Human resources 人力資源 • Challenges in recruiting and retaining the right talents impacted by the current external environment on the talent market and perceptions over career prospects in Hong Kong may affect EdUHK’s ability to deliver on its objectives • 現時外圍環境對人力市場造成影 響,加上對本港就業前景的觀 感,均對教大招攬和挽留人才造 成挑戰,或會影響本校實現目標 的能力 • Develop a sustainable human resources strategy and plan that can support the University’s overall objectives • Review and maintain competitive remuneration packages, and fair and transparent appraisal and reward systems • Cultivate a performance driven culture to reward high performers • Draw up a succession plan for key positions • 發展可持續人力資源策略及計 劃,支持本校實現整體目標 • 檢視及維持具競爭力的薪酬待 遇,以及公平和具透明度的評核 及獎賞制度 • 培養以表現為本的文化,嘉獎表 現優異的員工 • 就重要職位設立繼任計劃 • Continued to conduct global search to attract quality academic staff • Provided career prospects to staff via promotion • Implemented reward schemes to enhance remuneration package for the purpose of staff retention • Re-engaged appropriate staff beyond retirement age to meet strategic needs • Created new positions i.e. Teaching Assistants and Research Assistant Professors to alleviate the teaching load of academic staff • 持續於全球招攬優秀學術人員 • 透過晉升展現就業前景 • 推行獎賞制度及加強薪酬待遇的 吸引力,以挽留人才 • 重新聘用合適的退休員工,以配 合策略需要 • 新增職位如教學助理及研究助理 教授,以減輕學術人員的教學負 擔 Information systems and cyber security 資訊系統及網絡 保安 • Insufficient support by information systems and safeguards from cyber security threats may affect EdUHK’s efficiency and effectiveness in daily operations such as remote teaching, management and decision making. Risks related to personal data breaches and unauthorised access to EdUHK’s sensitive information may increase • 資訊系統支援不足及網絡安全威 脅,或影響本校日常運作的效率 及效能,例如遙距教學、管理及 決策等。個人資料外洩及未經授 權取得教大內部敏感資訊的風險 或會增加 • Active planning, organisation and control of coherent, reliable and accessible information to meet the University’s objectives and needs • Implement, renew and update cyber security measures and protocol to safeguard information systems and IT infrastructure • Keep University community’s guard up about IT threats and attacks • 積極規劃、籌組和控制一致、可 靠、可獲取的資訊,以滿足大學 的宗旨及需要 • 實施、重整以及更新網絡安全措 施及準則,以充分保護網絡基建 及相關資訊系統 • 提升大學社群對資訊科技相關威 脅及攻擊的意識 • Continued to upgrade and update information systems and accelerated automation of business workflow • Conducted regular reviews of IT security policies and procedures • Conducted regular security audits and surprise checking on critical IT infrastructure and information systems • Conducted training workshops and promotional activities to raise awareness • 持續升級資訊系統並加速工作流 程自動化 • 恆常檢視資訊保安政策及程序 • 定期審視及突擊檢查重要的網絡 基建及相關資訊系統 • 舉辦培訓講座及宣傳活動,以提 高安全意識
RkJQdWJsaXNoZXIy Mjk0NjMy