UEM EDGENTA BERHAD Integrated Annual Report 2025 246 f. Monitor, review and report risks Risk events and trends to be continually reviewed, assessed and monitored. Similarly, risk responses and mitigation plans are monitored continuously to ensure their relevance and effectiveness and are operating as designed and expected. g. Communication Communication is required for an effective risk management programme. The evolving business conditions continuously alters the risk profile of the Group and/or business, hence, frequent and explicit engagement and discussions about risk is vital to maintain continuous awareness and effective management of key risks. Summary of Risk Management Activities Risk management activities undertaken for the financial year at the Group and subsidiaries to instil a proactive risk management culture and ownership are as follows: • Periodic risk awareness briefings and risk management workshops are conducted as part of continuous efforts to inculcate a proactive risk-aware culture within the Group. • Risk Management Status Reports are produced quarterly at the minimum and are presented to the RICC, BGRC and Board for deliberation and approval. • Quarterly review and monitoring implementation of risk action plans by RICD to ensure their appropriateness and effectiveness. • Identification and reporting of emerging, key business risks and mitigation plans to the RICC, BGRC and Board for deliberation and approval. • Provides risk management consultation and advisory services to projects, investment and potential business leads. • Organised training programmes with external subject matter experts to equip Directors, the Senior Leadership Team, Heads of Business Units, and the management team with the necessary knowledge and skills to effectively discharge their roles in risk management and business resilience. INTERNAL CONTROLS The key elements of the internal control system established by the Board that provides effective governance and oversight of internal control include: POLICIES AND PROCEDURES The Group has established and implemented a comprehensive set of policies and procedures to ensure effective governance, regulatory compliance, risk management, and continual improvement of business operations. The policies were objectively providing overall direction, principles and commitments of the organisation, with dictation to the mechanism of a department or an individual employee. The policies were periodically reviewed and approved by Top Management and cascaded to all levels of the organisation for alignment of awareness of such as quality, occupational safety and health, environment, ethics, anti-bribery, information security, and human resource management. These policies demonstrate management commitment, align with legal and regulatory requirements, and support the Group’s strategic objectives. Standard of Procedures and Working Guidelines of the Group and its subsidiaries were translated from these policies, supported from various management systems, into actionable and consistent practices. Procedures define the roles and responsibilities, workflows, controls, and monitoring mechanisms required to carry out activities effectively. Through the establishment and effective implementation of these policies and procedures, the Group ensures consistent operations, compliance with applicable requirements, protection of employees and stakeholders, and continual improvement of its management systems through internal audit and certification audit by accredited certification body. The Group, via its subsidiaries, has in place several Internationally Accredited Management Systems (e.g. ISO 9001:2015 – Quality Management Systems, ISO 14001:2015 – Environmental Management Systems, ISO 45001:2018 – Occupational, Health & Safety Management Systems, ISO 13485:2016 – Medical Device and ISO 39001:2012 – Road Traffic Safety Management Systems) to standardise its management and operational processes and to further improve its efficiency. These certifications reflect the Group’s commitment to ensuring quality deliverables to customers, safeguarding Health, Safety, Environment (HSE) of the employees and its related communities. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL
RkJQdWJsaXNoZXIy NDgzMzc=