DISASTER RECOVERY PLANNING The Business Continuity Management (“BCM”) process within the Group extends to encompass Disaster Recovery Planning (“DRP”), aimed at ensuring the utmost security for data, systems, and applications stored in the cloud. UEM Edgenta places emphasis on the swift and efficient retrieval of company data, a pivotal aspect of its strategy for maintaining seamless business continuity. However, it also recognises the challenges posed by aging technologies that may hinder recovery processes and limit the agility of disaster response efforts. By addressing such limitations, the Group is better positioned to ensure that its disaster recovery capabilities remain robust and aligned with the pace of modern technological advancements. The emphasis on quick access to data is instrumental in minimising downtime during unforeseen events or disasters, thereby preserving overall productivity levels. Through this comprehensive approach to BCM, which includes both optimising recovery mechanisms and modernising outdated systems, the Group not only safeguards its digital assets but also fortifies its resilience against potential disruptions. This demonstrates a commitment to maintaining operational continuity and safeguarding business interests, even in the face of evolving technological demands. JOINT VENTURES AND ASSOCIATES The disclosures in this statement do not include the risk management and internal control practices of the Group’s joint venture and associate companies, as the Board does not have any direct control over their operations. The Group’s interests in these entities are safeguarded through the representation on the Boards of the respective companies where management accounts and periodical reports are received and reviewed, as well as deliberation on proposals related to these companies. Such representation also provides the Board with information for decision-making on the continuity of the Group’s investments based on the performance of the Group’s joint venture and associate companies. INTERNAL AUDIT The Group has established its own Internal Audit Department (“IAD”) to carry out the internal audit function of the Group. IAD reports functionally to the Audit Committee (“AC”) and administratively to the Managing Director/Chief Executive Officer. The IAD regularly reviews the Group’s systems of internal controls and evaluates the adequacy and effectiveness of the controls, risk management and governance processes implemented by the management. The reviews conducted are based on the risk-based Annual Audit Plan approved by the AC. The results of audit reviews, including status of management action plans to address gaps identified in the governance processes, risk management processes and controls during the engagements are reported regularly to the AC for deliberation. The Group has also established a Management Audit Committee (“MAC”) to ensure effective actions are taken to address internal control weaknesses and proper closures of all audit issues and areas for improvement highlighted by the IAD. The MAC is chaired by the Managing Director/Chief Executive Officer and holds its meeting regularly. Internal control weaknesses and areas for improvement regarding risk management and governance identified during the financial period under review have been or are being addressed by the management. None of the weaknesses identified have resulted in any material loss that would require disclosure in the Group’s financial statements. ASSURANCE FROM MANAGEMENT The Board has received assurance from the Managing Director/ Chief Executive Officer and Chief Financial Officer that a review on the adequacy and effectiveness of the risk management framework and internal control system has been undertaken and the Group’s risk management and internal control system are operating adequately and effectively, in all material aspects, based on the risk management and internal control system of the Group. REVIEW OF THE STATEMENT BY EXTERNAL AUDITORS The External Auditor has performed limited assurance procedures on this Statement on Risk Management and Internal Control in accordance with the Malaysian Approved Standard on Assurance Engagements, ISAE 3000 (Revised), Assurance Engagements Other than Audits or Reviews of Historical Financial Information and Audit and Assurance Practice Guide 3, Guidance for Auditors on Engagements to Report on the Statement on Risk Management and Internal Control included in the Annual Report issued by the Malaysian Institute of Accountants (“MIA”) for inclusion in the Annual Report of the Group for the year ended 31 December 2024, and reported to the Board that nothing has come to their attention that causes them to believe that the statement is not prepared, in all material respects, in accordance with the disclosure required by paragraphs 41 and 42 of the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers, nor is the Statement factually inaccurate. This Statement on Risk Management and Internal Control was approved by the Board on 26 March 2025. CONCLUSION The Board is of the view that the risk management and internal control system are in place for the year under review, and up to the date of approval of the Statement on Risk Management and Internal Control, are sound and sufficient to safeguard shareholders’ interests and the Group’s assets. Statement on Risk Management and Internal Control UEM EDGENTA BERHAD 252 Integrated Annual Report 2024
RkJQdWJsaXNoZXIy NDgzMzc=