MISC BERHAD INTEGRATED ANNUAL REPORT 2025 08 09 10 01 02 03 04 05 06 07 12 13 SEC 11 GOVERNANCE 10 226 www.miscgroup.com 227 www.miscgroup.com #deliveringProgress STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL During the year, several strategic project proposals, including participation in tenders and bids, were assessed and deliberated by the Group. These proposals were evaluated to ensure the risks were comprehensively identified and aligned with the Group’s overarching business strategy and the MISC 2030 Ambition. The assessment process considers the strategic rationale, potential risks, including exposures during project execution as well as during operations, and expected returns to ensure these potential investments support the Group’s vision. Key ERM Activities in FY2025 • Reviewed and endorsed the MISC Group Risk Register and the Primary Risk Events for FY2025. • Reviewed and endorsed the Statement of Risk Management and Internal Control for inclusion in the MISC Integrated Annual Report FY2025. • Reviewed and endorsed the Financial Risk Appetite Setting for FY2025. • Monitored and reported the status, risk indicators, thresholds, and performance for MISC Group Risk Appetite and ERM on a quarterly basis. • Undertook risk assessments for participation in new projects/tenders and monitored the progress of new projects under the PRA Framework. • Reviewed and provided appropriate recommendations for the MISC Group Corporate Risk Profile for FY2025. • Reviewed of MISC RADM Framework, MRC’s Terms of Reference and BSRC’s Terms of Reference. • Conducted the annual ERM focused training session for risk focal points across the Group as part of a continuous upskilling programme. In 2025, training and workshop sessions on ERM principles and practices, focusing on identifying and managing sustainability and climate-related risks and opportunities, were conducted. • Led the integration of sustainability-related risks into the ERM process, aligning it with the organisation’s adoption of IFRS S1 and IFRS S2 in accordance with NSRF and ISSB requirements. Material sustainability-related risk outcomes are now identified, assessed, and documented within the Corporate Risk Profile and Risk Registers, ensuring consistent Group-wide oversight. • For continuous improvement of ERM processes, BSRC’s feedback was gathered to identify gaps and areas of improvement, followed by actionable recommendations to enhance risk governance. Crisis Management Crisis Management is a holistic and cohesive approach designed to enhance MISC Group’s ability to anticipate, prepare for, respond to, and manage crises across all risk dimensions of people, environment, assets, and reputation. The MISC Strategic Crisis Management Guideline (SCMG) was established in 2023 replacing the MISC Group Crisis Management Plan (2019). The document was revised in 2025 to reflect leadership changes and updated legislation. The SCMG outlines the roles and responsibilities within the crisis management structure and is used in the preparation and planning of crisis responses across MISC Group. A three-tiered response system provides the clear demarcation of roles and responsibilities between emergency site management, business segment/subsidiary management, corporate crisis management and the relevant internal/external response agencies and/or authorities. An incident beyond the business/service unit/subsidiary’s capacity to control and consequently that requires action from MISC Group, government and/or other external parties. There may be potential for multiple fatalities and severe damage/injury to assets/personnel and the environment, possibly involving neighbouring sites and surrounding communities. A situation where there is danger to life and a risk of damage to the environment, property and reputation. The incident is within the control of the business/service unit/ subsidiary with limited external assistance. A situation where there is no danger to life, nor any risk of damage to environment, property and reputation. The incident is within the control of the unit/site with limited external assistance. STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL Tier 3 Crisis Tier 2 Major Incident Tier 1 Minor Incident Notification & Escalation Group Crisis Management Team led by President & Group Chief Executive Officer (CEO) Emergency Management Team led by respective MD/ CEO or Vice President Emergency Response Team led by On-Scene Commander An integrated crisis management tabletop exercise was conducted in 2025 based on a simulated incident to test the effectiveness of the SCMG and the Crisis Management Team in ensuring a coordinated and timely response during a crisis. Additionally, drills and tabletop exercises were conducted for emergencies on various vessels and offshore facilities, validating response plans and promoting continuous improvement. These proactive measures highlight the Group’s commitment to enhancing crisis management capabilities, ensuring swift and effective responses to unforeseen challenges, and fostering resilience. BUSINESS CONTINUITY MANAGEMENT Business Continuity Management (BCM) aims to build the capability of the MISC Group to recover and continue the operations of critical business functions in the event of a disruption. In 2024, MISC established the BCM Framework to set expectations for clear and consistent BCM practices throughout the MISC Group. Through the BCM process, the Business Continuity Plan is developed to enhance MISC Group’s readiness to recover and restore essential business functions within a reasonable time to sustain business activities and minimise stakeholder disruption. Annual Business Impact Analysis and recovery strategy reviews are carried out to ensure changes in the Group are risk-assessed, analysed and mitigated. The mitigation actions also take into consideration different work environments such as flexible working arrangement and other remote working arrangements. This is achieved seamlessly by the application of technology, deployment of digital platforms for communication and collaboration to ensure our teams are able to work remotely and effectively. Through the operational resilience that MISC Group has built over the years and the well-executed recovery plans, MISC Group was able to provide uninterrupted services to its clients, as well as internal and external stakeholders, globally.
RkJQdWJsaXNoZXIy NDgzMzc=