The ERM encompasses a structured approach, principles and processes on leadership and commitment, integration, designing, implementing, evaluating and improving risk management across the Group. ENTERPRISE RISK MANAGEMENT • Principles of Effective Risk Management • Risk Policy of the Board • Board’s Risk Appetite Statement • Risk Management ERM Structure • Roles & Responsibilities RISK ASSESSMENT ERM FRAMEWORK: LEADERSHIP & COMMITMENT Integration into culture, business activities & decision making process Design the ERM according to internal & external context of the Group Implement the risk management process Evaluate effectiveness of risk management framework Continual improvement of the framework ERM PRINCIPLES: VALUE CREATION & PROTECTION Integral part of organisational process Structured & comprehensive Customised to objectives and risk profile Transparent & inclusive of the Board & Senior management Dynamic, iterative & responsive to change Based on best available information Takes human & cultural factors into account Facilitate continual improvement RISK MANAGEMENT FRAMEWORK The Group’s Enterprise Risk Management Framework (“ERM”) is the foundation for the Group-wide practice in designing, implementing, monitoring, reviewing and continually improving risk management of the Group. The ERM’s approach is benchmarked against and aligned to International Organisation for Standardisation ISO 31000:2018 – A Risk Practitioner’s Guide which provides principles and generic guidelines on managing risks. The summary of the Group’s ERM and process are as illustrated below: SCOPE, CONTEXT, CRITERIA Customisation of risk management process and understand the internal & external context RISK TREATMENT Determine risk action planning DNeX VISION, MISSION & CORE VALUES Risk Analysis Determine root causes, likelihood, impact and gross risk rating Risk Evaluation Determine key controls, controls effectiveness, residual risk rating and risk profiling Risk Identification Identify all possible opportunities, hazards, threats and risk Communication & Consultation Promote awareness and understanding on risk & obtain feedback & information to support decision making Continuous Monitoring & Reviewing Regular checking & surveillance for continuous improvements RECORDING & REPORTING Documentation and reporting of risk management process & its outcomes through appropriate mechanism 139 DNeX INTEGRATED REPORT 2022
RkJQdWJsaXNoZXIy NDgzMzc=