SECTION 07 pg. 214 AL-SALĀM REIT No Policy/Document Description of Policy G R I C 6 DEI Policy - Enhancement made during the year. Reviewed and approved by the Board on 25 August 2025. Sets commitments to diversity, equity, inclusion, fair practices & equal opportunity. √ - - √ 7 Climate Risk Framework -New policy, which is a sub-set of ERM Framework. Reviewed and approved by the Board on 4 December 2025. Outlines processes to identify, assess, manage & report climate-related risks. √ √ - √ 8 Credit Card Management Policy -New policy. Reviewed and approved by the Board on 4 September 2025. Defines governance & internal controls for corporate credit card usage, monitoring & compliance. √ - √ √ 9 Stakeholder Management Policy -New policy. Reviewed and approved by the Board on 4 December 2025. Identifies, engages, and manages key stakeholders to ensure transparent communication, sustained relationships, and alignment with regulatory and ESG expectations √ √ - √ • G = Governance (Board oversight, strategic direction, ethical tone) • R = Risk (identification, mitigation, monitoring) • I = Internal Control (process controls, procedures, authorisation limits) • C = Compliance (laws, regulations, reporting obligations) The REIT maintains a comprehensive set of documented policies, procedures and SOPs that guide business processes, ensure consistency of operations and support the effectiveness of internal controls. SOPs are reviewed periodically to reflect changes in regulatory requirements, business operations and industry practices. These documented controls form part of the first line of defence and ensure that day-to-day activities are carried out in accordance with approved policies and governance expectations. Controls Over Key Business Processes Control activities are embedded across Al-Salām REIT’s operations to ensure that key risks are mitigated and business processes are executed in a consistent and controlled manner. These activities include documented approval limits, segregation of duties, reconciliations, verification procedures and system-based controls that support the accuracy and integrity of financial reporting and operational outcomes. In managing its diversified real estate portfolio, the REIT implements structured tenancy controls such as tenant onboarding due diligence, verification of lease documentation, rental billing reconciliations, credit control monitoring and escalation procedures for arrears. Asset management controls include planned preventive maintenance (PPM) schedules, M&E inspections, facility condition assessments, statutory compliance checks and monitoring of essential building systems to ensure operational continuity for hospital tenants. Procurement and contract management controls are supported by competitive quotation requirements, vendor due diligence including ESG compliance, approval thresholds, contract review processes and vendor performance monitoring. Capex projects are governed through feasibility assessments, budgeting controls, tender evaluations and post-implementation reviews to ensure accountability and value for money. STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL
RkJQdWJsaXNoZXIy NDgzMzc=