Al-`Aqar Healthcare REIT Annual Report 2018

STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL The Board is committed to nurture and preserve a sound system of risk management and internal controls and good corporate governance practises as set out in the Board’s Statement on Risk Management and Internal Control made in compliance with the Principle B of Malaysia Code of Corporate Governance 2017 and Chapter 15.09 of the Main Market Listing Requirements and guided by the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers. In 2018, the BOD has approved the Enterprise Risk Management (“ERM”) Framework, which takes effect starting 1 August 2018. The ERM Framework outlines the following aspects of Risk Management:- • ERM Policy Statement of Damansara REIT Managers Sdn Berhad; • Organisational Structure and Assigned Roles and Responsibilities; • The Executive Roles and Responsibilities of the Board, Risk Management Committee, Risk Owners of Damansara REIT Managers Sdn Berhad and Internal Audit; and • Risk Management Approach : Risk Analysis Methods and Risk Appetite. ERM POLICY STATEMENT OF DAMANSARA REIT MANAGERS SDN BERHAD DRMSB recognises that it is obliged to systematically manage and regularly review its risk profile at a strategic, financial, operational and compliance level. DRMSB has done this by developing / adopting risk management framework that determines the process and identifies tools for realising its objectives. Not only does it wish to minimise its risk but also maximises its opportunities. It enhances DRMSB’s capability to respond timely to the changing environment and its ability to make better decisions. Risk Registers are developed and subject to regular review by the Executive Committee and reported to the BOD. The Board has a stewardship responsibility to understand these risks, provide guidance on dealing with these risks and to ensure risks are managed proactively, in a structured and consistent manner. The objectives of the policy statement are to ensure:- - a common and consistent approach for management of risks is adopted within DRMSB; - the management of risk contributes to the quality of performance and continuous improvement of DRMSB businesses, its operations and delivery of services and products; and - all significant risks are identified, evaluated, managed and reported in a timely manner to the Executive Committee and the BOD. The policies of the Board for ERM are:- • To integrate risk management into the culture, business activities and decision making processes. Risk management concept, thinking and initiatives must be embedded in the day-to-day business operations and decision-making process. Risks that can be managed through embedded, routine systems and processes should be so managed and monitored. Where risks cannot be so managed, they must be subject to individualised risk management techniques appropriate to a particular risk. • To anticipate and respond to the changing operational, social, environmental and regulatory requirements proactively. As far as reasonably possible, risks must be identified, analysed and dealt with by Management proactively based on their experience, industry knowledge and information available from the market place. DRMSB must not experience any crystalisation of major risk unexpected by the Board. However, this does not mean risk will not transpire, but there are comprehensive plans put in place to respond timely and address the risk impact. • To manage risks pragmatically, to an acceptable level given the particular circumstances of each situation. In dealing with risks, the Board understands that it is not always possible, cost effective or desirable to manage or eliminate risk all together. A cost-benefit approach is needed where the returns must commensurate with the risks taken and reduce cost of risk controls. Al-`Aqar Healthcare REIT • Annual Report 2018 84