RISK MANAGEMENT (CONT’D) Enterprise Risk Management (ERM) Framework (Cont’d) Risk Reporting Frequency (Cont’d) An expansion of risk appetite parameters and mitigation actions that relates to assets acquisitions/ disposals, joint ventures, business diversification and other corporate exercises deliberated and taken into consideration by the Management and the Board Investment Committee and the Board when recommending and approving the proposals. While Management team members are accountable for risk management in their particular portfolios, responsibility for good risk management rests with every staff member. Risk Owners are required to identify and effectively manage risk related to their core departmental activities. This is done to achieve an appropriate balance between realizing opportunities for gains while minimizing losses to the REIT. INTERNAL CONTROL SYSTEMS For ERM to be effective, it must be embedded throughout an organisation, since risk influences and aligns strategy and performance at all levels. The Board and Management are committed to maintaining an effective internal control environment by continuously enhancing the design of internal control systems to ensure that they are relevant and effective to promote operational agility while ensuring corporate governance and compliance with regulatory guidelines. The internal control policy is designed to provide reasonable assurance regarding the achievement of objectives in the following categories: • Effectiveness and efficiency of operations • Reliability of financial reporting • Compliance with applicable laws and regulations The Managers’ practice of strong internal control is guided by the model of “Three Lines of Defence” as shown below: Statement on Risk Management and Internal Control BOARD BOARD COMMITTEES Three Lines of Defense Control ASSURANCE Senior Management Own, manage and control risk by implementation of neccessary internal control Risk Management, Compliance & Integrity Functions Coordinate, facilitate and oversee the effectiveness of the risk management and internal control activities Internal Audit Provide independent assurance on the effectiveness of the risk management and internal control activities First Line of Defence Second Line of Defence Third Line of Defence 1 ABOUT US 143 3 SUSTAINABILITY STATEMENT 4 CORPORATE GOVERNANCE 5 OTHER INFORMATION 6 FINANCIAL STATEMENTS 2 BUSINESS OVERVIEW
RkJQdWJsaXNoZXIy NDgzMzc=