INTERNAL CONTROL SYSTEMS (CONT’D) Key Features of Internal Control (Cont’d) The key elements and/or features of the internal control system established for maintaining strong corporate governance are as follows (Cont’d): (e) Digitalisation (Cont’d) Business Continuity Management & Disaster Recovery Plan The testing on data recovery are monitored and presented by the appointed outsourced service provider at the Management Committee Meeting and the BARC. Risk-related issues, if any would be escalated to the Board and the regulatory bodies immediately. Cybersecurity & Awareness. As part of prevention activity, the JCorp Group has conducted an overall assessment, i.e. penetration test, on the ICT systems (hardware and software) and from the results with recommendations, measures have taken place to proactively monitor, prevent, contain and recover from vulnerabilities. Password management also was implemented effectively and is part of the requirement in our ICT policy to maintain security and the report was confirmed by the CEO in 2024. ICT awareness campaign was also implemented through education and announcements, to make business users cautious about hackers and current cyberthreat. (f) Monitoring of Operational Performance and Financial Targets Strategic Planning and Mid-year Review The Strategic Planning and Mid-year Review are prepared by the Manager on an annual basis and tabled to a special Board meeting for approval. Analysis and reporting of variances against budget are presented to the Board and the Trustee quarterly, which form part of the monitoring mechanism and mitigation of any risk/ fallback from the financial targets. Financial Monitoring, Reporting and Reviewing Quarterly and annual financial statements containing key financial results as well as operational performance results of the REIT are prepared and reported to the BARC and the Board. Mandatory announcements on key corporate exercises and financial results were made on time in the year under review. At the Management level, monthly coordination meetings on finance matters including credit collection and financial statements are diligently conducted to monitor, mitigate and carry out appropriate actions taken. Engagement with the Stakeholders Quarterly meetings with the Trustee are carried out to discuss the operational and financial performance of the REIT and the properties. During the year under review, two (2) meetings with the Trustee were carried out on 19 June 2024 & 17 October 2024. Timely company briefings with analysts are conducted to apprise the shareholders, stakeholders, and general public of the REIT’s performance while promoting transparency and open discussion. During the year under review, four company briefings were carried out on the following dates: 27 February, 31 May, 30 August and 29 November 2024. Statement on Risk Management and Internal Control 146 AL-SALĀM REIT ANNUAL REPORT 2024
RkJQdWJsaXNoZXIy NDgzMzc=