MISC- Annual Report 2016

The MISC Risk Policy states that:- “MISC shall adopt and implement risk management best practices by identifying, assessing, treating and monitoring of risks as well as effectively responding to crises. In the event of prolonged disruption, business continuity practices shall be adopted to restore and ensure continuity of MISC’s key business activities.” The Company has implemented risk management best practices in the form of ERM framework which ensures all business risks are prudently identified, evaluated, treated and managed accordingly to achieve MISC’s strategic objectives. The framework of risk management comprises the following key elements:- • Risk Management Policy The Group’s Risk Management Policy guides the overall best practice of identifying, evaluating, managing, reporting and monitoring the ever changing risks facing the Group and specific measures to mitigate these risks. The emphasis is to effectively reduce the impact of risks, respond to immediate risk events and recover from prolonged business disruption to ensure continuity and sustainability of key business activities as well as delivery of business objectives. • Risk Governance Structure The Risk Management Committee (‘RMC’) was established to review and monitor the Group’s risk management practices. It consists of mainly Vice Presidents and Heads of key service units, and is primarily responsible for driving the implementation of the Risk Management Framework and acts as the central platform for the Group to undertake the following responsibilities: • Assist the Management in identifying principal risks at Group level and providing assurance that the ERM is implemented group-wide to protect and safeguard MISC’s interest; • Review and recommend policies and frameworks specifically to address risk inherent in all business operations and environment pertaining to the Group; • Review, deliberate and recommend mitigation actions to ensure that the Group’s risks are being mitigated effectively; and • To provide a reasonable assurance to the BAC that the Group’s risks are being managed appropriately. Risk management activities are undertaken at corporate and business units/subsidiaries levels and risk reports are reviewed and monitored by the Corporate Strategy & Risk Department (“CSRD”) on regular intervals prior to escalation to RMC. Each appointed and dedicated risk focal person has the responsibility for risk management activities in their specific department/unit to ensure consistent implementation of risk management processes across the Group. The RMC meets on a regular basis to update any risk management issues to the MC, President/Group Chief Executive Officer and BAC, which then updates the Board. BOARD OF DIRECTORS BOARD AUDIT COMMITTEE RISK MANAGEMENT COMMITTEE Corporate Governance 139

RkJQdWJsaXNoZXIy NDgzMzc=