Al-`Aqar Healthcare REIT Annual Report 2023

STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROLS

Enterprise Risk Management (ERM) Framework (Cont’d)

The ERM Framework is communicated, integrated, and cascaded to all levels, and each plays its role in managing risks concerning business processes in the areas of Strategic Planning, Budgeting, Policy Development, Acquisitions/Investment and Asset Disposals, Performance Management, Building and Asset Management, Integrity, ESG and Business Continuity Management.

The diagram below shows the process to be undertaken in preparing a Risk Profile:

[Diagram: Scope, Context, Criteria; Risk Assessment; Risk Identification; Risk Analysis; Risk Evaluation; Risk Treatment; Recording & Reporting; Communication & Consultation; Monitoring & Review]

The processes involved in the ERM are summarised below:

Risk Identification: Finding, recognising, and describing the risks that could affect the achievement of an organisation’s objectives. During the risk identification process, it is important to identify the risks associated with not pursuing an opportunity.

Risk Analysis: Risk shall be analysed and assessed to determine the Risk Rating. The risk analysis should start with determining the root causes/sources of risk, assessing the likelihood and impact to produce a Gross Risk Rating (the risk rated before any preventive/recovery measures are implemented).

Risk Evaluation: Risk evaluation involves the exercise of determining the existing key controls on the identified risk, defining the existing Control Effectiveness and the likelihood and impact, to produce the Residual Risk Rating. All risk profiles will be rated based on 2 parameters: Likelihood (that the risk will occur) x Impact (that it has on the business). Ratings of the risks will be tabulated to produce a heat map.

The Risk Action Plan/Mitigation Plan: The risk Mitigation Plan identifies the parties responsible and the timeline for the plan implementation.

Monitoring Risk Mitigation Performance: Risk monitoring, review, and reporting shall be performed periodically.

The frequency of reporting is summarised as per the table below.
