Governance The Board of Directors oversees the business of the School and meets at least 4 times a year to discuss issues concerning the School’s corporate governance. In addition to the formal meetings, the directors engage in the Management Retreat and Presentation of the Annual Development/Financial Plan to the Board which are held yearly to provide platforms for views and exchange between the Board and senior staff. The Director of the School shares the key discussions from the Board of Directors meetings with the staff via the School Forums (4 times per year). The Board of Directors is also responsible for risk management. All sta are invited to participate in the annual risk register exercise. The updated risk register is submitted annually to the Board of Directors via a Risk Management Working Group, the School Academic and Management Board and the Audit Committee. This year additional risk categories were added for AI, cybersecurity and Cap 320. Internal audit is also an important measure to review compliance with the established guidelines, policies, mechanisms and standards. Other than individual unit and college operations, speci ic business procedures are also reviewed if necessary. From time to time, recommendations are also taken into consideration to enhance existing measures. All audit reports are received by the Audit Committee and the Board of Directors. The School’s Governance Manual is reviewed regularly and is available on the sta intranet. Sta are asked annually to complete a compliance declaration to ensure they are familiar with the various policies/guidelines/manuals that impact their work as well as a con lict of interest declaration. The Board of Directors has also decided to include ESG in the next review of the School’s Strategic Plan. The Board itself has a number of independent directors from outside the University and one third of its members are female so as go some way towards meeting diversity standards. Quarterly training on compliance is arranged and colleagues’ attendance is compulsory to ensure their understanding of compliance with internal and external policies, procedures, guidelines, as well as a number of legislative ordinances. The in house legal team is always consulted when the School is dealing with legal matters, external legal advice will also be sought when necessary. Any major legal issue will also be brought to the senior management meeting, and reported to the Board of Directors (if needed). The School has put in much e ort to ensure compliance with all regulations. The School received its irst-ever Gold Award in the "Privacy-Friendly Awards 2023." Organised by the O¨ice of the Privacy Commissioner for Personal Data (PCPD), these awards aim to recognise public and private organisations and government departments for their outstanding commitment to protecting personal data privacy. This Award recognised the School’s e orts in promoting the protection of personal data privacy and the “Privacy Protection Measures” that are being implemented and achieved. 管治 董事局負責監察學院運作,每年最少開會四次, 討論與學院企業管治相關的事宜。除正式會議 外,董事局委員亦參與每年一次的管理層集思 會及向董事局提交年度發展/ 財務計劃,為董事 局與高級職員提供意見交流平台。學院院長通 過學院論壇(一年四次)與職員分享董事局會議 的討論重點。風險管理亦由董事局負責。所有職 員都會獲邀參與每年一次的風險名冊工作,更新 後的風險名冊經風險管理工作小組、學院教務 及管理委員會及審核委員會提交董事局。今年的 風險名冊新增了人工智能、網絡安全及第320 章等類別。 內部評審亦是一項重要工作,用以檢視既定準 則、政策、機制和標準的合規情況。除了評審個 別部門及學院的運作外,必要時還會審查具體的 業務流程。內部評審會不時提出建議,以加強及 改善現有措施。所有內部評審報告均會提交審核 委員會及董事局。 學院定期檢討管治手冊,並上載於職員內聯網。 職員每年除了需要作出合規聲明,以確保他們熟 悉與工作相關的政策、指引及手冊之外,也需作 出利益衝突聲明。 董事局已決定於下次學院發展策略計劃檢討中加 入環境、社會與管治的內容。現時,學院董事局 成員包括一些港大以外的獨立社會人士,三分之 一的成員為女性,以響應社會的多元準則。 由學院安排每季一次的合規培訓,所有職員均須 出席,以確保他們充分理解並遵守內部及外部政 策、程序、指引及一些法律條例。學院在處理法 律事務時,均會諮詢內部法律團隊,必要時也會 尋求外部法律意見,而任何重大法律議題都會 提交至高級管理層會議,並向董事局匯報(如有 需要)。學院一直致力確保遵守所有法規。 學院在「2023私隱之友嘉許獎」中首度奪得金 獎。該計劃由個人資料私隱專員公署主辦,用以 表揚及嘉許公私營機構及政府部門在實踐保障 個人資料私隱的努力。該獎項肯定了學院在推動 保護個人資料私隱的努力,以及實施「私隱保護 措施」的成效。 HKU SPACE ANNUAL REPORT 2023/24 DIRECTOR’S REVIEW OF THE YEAR院長回顧 HKU SPACE ANNUAL REPORT 2023/24 DIRECTOR’S REVIEW OF THE YEAR院長回顧 14 15
RkJQdWJsaXNoZXIy MTgwNDcxNg==