Al-`Aqar Healthcare REIT Annual Report 2019

Statement on Risk Management & Internal Control The Board is committed to nurture and preserve a sound system of risk management and internal controls and good corporate governance practises as set out in the Board’s Statement on Risk Management and Internal Control made in compliance with the Principle B of Malaysia Code of Corporate Governance 2017 and Chapter 15.09 of the Main Market Listing Requirements and guided by the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers. The ERM Framework, which takes effect starting 1 August 2018 outlines the following aspects of Risk Management:- • ERM Policy Statement of Damansara REIT Managers Sdn Berhad; • Organisational Structure and Assigned Roles and Responsibilities; • The Executive Roles and Responsibilities of the Board, Risk Management Committee, Risk Owners of the Manager and Internal Audit; and • Risk Management Approach: Risk Analysis Methods and Risk Appetite. ERM POLICY STATEMENT OF DAMANSARA REIT MANAGERS SDN BERHAD The Manager / DRMSB recognises that it is obliged to systematically manage and regularly review its risk profile at a strategic, financial, operational and compliance level. The Risk Management Committee is set up to ensure that the ERM is being implemented effectively at the operations level. The Risk Registers are reviewed, revised and presented at the quarterly review by the Risk Owners at the Risk Management Committee and reported to the Executive Committee and the BOD. The Board has a stewardship responsibility to understand these risks, provide guidance on dealing with these risks and to ensure risks are managed proactively, in a structured and consistent manner. The objectives of the policy statement are to ensure:- • a common and consistent approach for management of risks is adopted; • the management of risk contributes to the quality of performance and continuous improvement of businesses, its operations and delivery of services and products; and • all significant risks are identified, evaluated, managed and reported in a timely manner to the Risk Management Committee, Executive Committee and the BOD. The policies of the Board for ERM are:- • To integrate risk management into the culture, business activities and decision making processes. Risk management concept, thinking and initiatives must be embedded in the day- to-day business operations and decision- making process. Where risks cannot be so managed, they must be subject to individualised risk management techniques appropriate to a particular risk. • To anticipate and respond to the changing operational, social, environmental and regulatory requirements proactively. As far as reasonably possible, risks must be identified, analysed and dealt with by Management proactively based on their experience, industry knowledge and information available from the market place. DRMSB must not experience any crystalisation of major risk unexpected by the Board. However, this does not mean risk will not transpire, but there are comprehensive plans put in place to respond timely and address the risk impact. • To manage risks pragmatically, to an acceptable level given the particular circumstances of each situation . In dealing with risks, the Board understands that it is not always possible, cost effective or desirable to manage or eliminate risk all together. A cost-benefit approach is needed where the returns must commensurate with the risks taken and reduce cost of risk controls. 05 ESSENCE OF CORPORATE GOVERNANCE 92