AL-SALAM REIT ANNUAL REPORT 2018

AL-SALĀM REIT ANNUAL REPORT 2018 91 The Board is committed to nurture and preserve a sound system of risk management and internal controls and good corporate governance practises as set out in the Board’s Statement on Risk Management and Internal Control made in compliance with the Principle B of Malaysia Code of Corporate Governance 2017 and Chapter 15.09 of the Main Market Listing Requirements and guided by the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers. In 2018, the Board has approved the Enterprise Risk Management (“ERM”) Framework, which takes efect starting 1 August 2018. The ERM Framework outlines the following aspects of Risk Management:- • ERM Policy Statement of the Manager; • Organisational Structure and Assigned Roles and Responsibilities; • The Executive Roles and Responsibilities of the Board, Risk Management Committee, Risk Owners of Damansara REIT Managers Sdn Berhad and Internal Audit; and • Risk Management Approach : Risk Analysis Methods and Risk Appetite. ERM Policy Statement The Manager recognises that it is obliged to systematically manage and regularly review its risk proile at a strategic, inancial, operational and compliance level. The Manager has done this by developing / adopting risk management framework that determines the process and identiies tools for realising its objectives. Not only does it wish to minimise its risk but also maximises its opportunities. It enhances the Manager’s capability to respond timely to the changing environment and its ability to make better decisions. Risk Registers are developed and subject to regular review by the Executive Committee and reported to the BOD. The Board has a stewardship responsibility to understand these risks, provide guidance on dealing with these risks and to ensure risks are managed proactively, in a structured and consistent manner. The objectives of the policy statement are to ensure:- • a common and consistent approach for management of risks is adopted within DRMSB; • the management of risk contributes to the quality of performance and continuous improvement of DRMSB businesses, its operations and delivery of services and products; and • all signiicant risks are identiied, evaluated, managed and reported in a timely manner to the Executive Committee and the BOD. The policies of the Board for ERM are:- • To integrate risk management into the culture, business activities and decision making processes. Risk management concept, thinking and initiatives must be embedded in the day-to-day business operations and decision- making process. Risks that can be managed through embedded, routine systems and processes should be so managed and monitored. Where risks cannot be so managed, they must be subject to individualised risk management techniques appropriate to a particular risk. • To anticipate and respond to the changing operational, social, environmental and regulatory requirements proactively. As far as reasonably possible, risks must be identiied, analysed and dealt with by Management proactively based on their experience, industry knowledge and information available from the market place. DRMSB must not experience any crystalisation of major risk unexpected by the Board. However, this does not mean risk will not transpire, but there are comprehensive plans put in place to respond timely and address the risk impact. • To manage risks pragmatically, to an acceptable level given the particular circumstances of each situation. In dealing with risks, the Board understands that it is not always possible, cost efective or desirable to manage or eliminate risk all together. A cost-beneit approach is needed where the returns must commensurate with the risks taken and reduce cost of risk controls. • Risk assessment reporting To require that all papers that are submitted to the Board by Management relating to strategy, key project approval, signiicant action or investment must include a detailed risk assessment report. Statement On Risk Management & Internal Control