133 ANNUAL REPORT 2023 MST GOLF GROUP BERHAD STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL INTRODUCTION The Board of Directors (“Board“) of MST Golf Group Berhad (“Company“) is pleased to present its Statement on Risk Management and Internal Control which outlines the nature and scope of the risk management and internal control of the Company and its subsidiary companies, (“Group“) for the financial year ended 31 December 2023. This Statement is issued in line with the Main Market Listing Requirements of Bursa Malaysia Securities Berhad (“Bursa Securities“) on the status of the Group’s compliance with the principles and best practices relating to risk management and internal control as stipulated in the latest Malaysian Code on Corporate Governance. BOARD RESPONSIBILITIES The Board recognises the importance of sound systems on risk management and internal control in safeguarding the assets and interests of the Group as well as its stakeholders. The risk-based internal control framework of the Group incorporates various control mechanisms, covering strategic, operational, reporting and compliance aspects. The Board has the overall responsibility of overseeing the risk management and internal control systems of the Group. Assisted by management of the Group (“Management“), the Board closely monitors the Group’s internal control systems to ensure they stay aligned with the Group’s objectives and risk appetite. The Management integrates risk management and internal control systems across all facets of the Group's operations, ensures the adoption of approved processes, procedures and practices to effectively address both existing and emerging risks throughout the organization and promptly reports deficiencies and weaknesses in the control environment to the Board for timely risk mitigation. Notwithstanding, the risk management and internal control framework is designed to manage rather than eliminate risks entirely. Therefore, the framework and the processes and procedures within it can only provide reasonable but not absolute assurance against material misstatements, frauds and losses. The Framework consists of the following processes: High level, mission-oriented goals Strategic Effective and efficient resource usage Operations Reliable information and communication Reporting Conformity to laws and regulations Compliance RISK MANAGEMENT AND INTERNAL CONTROL FRAMEWORK The Group’s enterprise risk management and internal control framework (“Framework“) is based on the following four categories of objectives: Shaping company culture, ethical values, risk perception and appetite. Internal Environment Creating goals within the four categories listed above. Objective Setting Distinguishing between internal and external risks and opportunities. Event Identification Evaluating risk based on likelihood and impact. Risk Assessment Deciding whether to avoid, accept, reduce, or share risk. Risk Response Establishing a procedural precedent to ensure an appropriate response. Control Activities Capturing and sharing information to support informed decisions. Information and Communication Continually evaluating and optimizing business and risk processes. Monitoring
RkJQdWJsaXNoZXIy NDgzMzc=