55 INTEGRATED ANNUAL REPORT 2025 VALUE CREATION AT YINSON | RISKS AND OPPORTUNITIES RISKS AND OPPORTUNITIES Yinson safeguards stakeholders’ interests with strong risk management tools and processes. This enhances our ability to navigate uncertainties and capitalise on opportunities. Our approach supports calculated risk-taking by identifying potential threats and opportunities while minimising losses through preventive and recovery measures. To this end, our ERM Policy Statement & Framework guides our risk management at every level. Cybersecurity risk Definition and impact of the risk on Yinson Cybersecurity risks include potential attacks on Yinson’s infrastructure, such as brute force, Distributed Denial of Service (DDoS), hacking, ransomware and phishing, which could compromise the confidentiality, integrity and availability of data and systems. As organisations worldwide adopt digital transformation and advances, technologies like AI to optimise efficiencies and support growth, exposure to cybersecurity risks has increased and may adversely affect Yinson. Cybersecurity incidents in Information Technology (“IT”) and Operation Technology (“OT”) systems may result in data loss and/or Lost Time Injury (“LTI”), leading to financial and reputational damages, as well as potential legal consequences. How we manage or mitigate the risk • Implemented the Group Cybersecurity Roadmap, comprising multiple initiatives involving both IT and OT, which have strengthened the Group’s cybersecurity systems. • Established new frameworks and enhanced existing security policies and plans. • Conducted cybersecurity table-top exercises to strengthen cyber response and recovery procedures. • Deployed new initiatives to strengthen overall cybersecurity measures. Moving forward (opportunities) • Strengthen cybersecurity resilience by implementing enhanced security protocols, ongoing employee awareness initiatives and best practices to govern, identify, detect, prevent and respond to cybersecurity threats effectively. The Risk Management unit, part of the Governance, Risk and Compliance (“GRC”) Department, continues to strengthen risk practices across the Group. In 2024, we conducted in-depth risk review sessions for the Group, ensuring our risk profiles remain forward-looking, strategically aligned and reflective of our evolving business landscape. To enhance organisational resilience, the GRC Department established and received Board approval for the BCM Framework. We also developed departmental BCP and updated the CMP to reflect current operational realities and potential threats. These efforts are key to safeguarding Yinson’s critical functions by ensuring clear response strategies and recovery mechanisms. In 2025, we will focus on testing both the CMP and BCPs to validate readiness and strengthen our response mechanisms. Statement on Risk Management & Internal Control, pg 138. Yinson continues to identify and monitor emerging risks that may impact the Group’s future performance. Key risks include global supply chain disruptions, evolving ESG and carbonrelated regulations and the shortage of specialised talent in areas like clean energy technologies. These risks may affect project delivery timelines, increase operational and compliance costs and limit our ability to scale effectively. Closely linked to our strategic focus on financial discipline, capital management and organisational growth, these challenges highlight the need to build resilience across our business. For this reason, Yinson remains committed to addressing these developments while delivering long-term and sustainable value for stakeholders.
RkJQdWJsaXNoZXIy NDgzMzc=