Integrated Annual Report 2025

STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL (CONT’D)

RISK MANAGEMENT SYSTEM (CONT’D)

The responsibility and accountability for embedding risk management within the Group are vested in the EC. The EC is responsible for:

• monitoring and reviewing the risks and opportunities associated with the Group’s business strategies and its operating processes;
• reviewing the design, implementation and monitoring of the ERM framework and practices in accordance with the Group’s strategic vision and overall risk appetite;
• setting the materiality limits for reporting and communication of performance; and
• reviewing and assessing the adequacy of risk management mitigation plans and internal control to manage the material risks.

The EC reports its assessment on the adequacy and effectiveness of the Group’s risk management and internal control systems to the ARMC, which in turn provides oversight and reports to the Board.

HODs perform regular reviews to identify and assess risks and to implement approved mitigation plans. Material risk-related events are escalated to the GRC. The Head of GRC coordinates, evaluates and reports risk assessments and action plans to the EC on a timely basis.

The Group’s risk management process is illustrated as follows:

[Figure: risk management process. Labels: [1] Communication & Consultation; [2] Scope, Context, Criteria; [3] Risk Assessment; [4] Risk Treatment; [5] Monitoring & Review; [6] Recording & Reporting; Risk Identification; Risk Analysis; Risk Evaluation]

[Figure: reporting structure. Labels: The Board; ARMC; EC; GRC; HODs]

134 KEYFIELD INTERNATIONAL BERHAD 202001038989 (1395310-M)
