SECTION 07 pg. 194 AL-SALĀM REIT Actions Taken / In Progress: • Mapped the REIT’s Risk Management Framework to COSO ERM components. • Embed ESG and climate risk considerations within the ERM Framework, aligned to strategic, operational and financial risk assessments, ensuring consistency with the updated SORMIC Guide 2025 expectations • Updated policies and procedures to match the strengthened MCCG expectations. Outcome: Alignment with global risk management standards emphasised under SORMIC 2025. STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL 3. Embedding International Frameworks (COSO, ISO31000, MCCG) Actions Taken / In Progress: Conducted awareness sessions on the 2025 SORMIC requirements. • Integrated risk responsibilities into OKRs and performance discussions for Management. • Strengthened expectation for risk ownership and timely escalation. Outcome: A more risk-aware culture aligned with updated governance developments. 7. Embedding Risk Culture Across The Organisation Actions Taken / In Progress: • Updated operational SOPs to improve control ownership clarity, internal checks, and responsibility matrices. • Improved documentation of key controls supporting strategic initiatives (e.g., acquisition governance, disposal paths, ESG projects). Outcome: Demonstrably improved internal control maturity and accountability. 4. Enhancing Internal Control Effectiveness Actions Taken / In Progress: • Expanded Internal Audit’s scope to include risk management process audits, not only control audits. • Enhanced IA reporting to highlight control weaknesses, risk level changes, and mitigation effectiveness. • Implemented < 90-day resolution commitment for High-Risk audit findings. Outcome: Clear independent assurance on both risk management and internal control systems. 5. Elevating Internal Audit’s Role in Assurance Actions Taken / In Progress: • Strengthened the SORMIC narrative to reflect effectiveness, limitations, and key improvements in risk systems. • Expanded disclosure to cover emerging risks, ESG integration, and Board oversight processes. • Adopted clearer presentation of risk impact changes, risk heatmaps, and control enhancements. Outcome: Reflects the outcome-oriented, transparent disclosure approach 6. Improving Transparency and Quality of SORMIC Disclosure
RkJQdWJsaXNoZXIy NDgzMzc=