A L - S A L Ā M R E I T A N N U A L R E P O R T 2 0 2 1 112 STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL INTRODUCTION This Statement on Risk Management and Internal Control by the Board of Directors (“Board”) on the Group is made pursuant to paragraph 15.26(b) of the Main Market Listing Requirements (“MMLR”) of Bursa Malaysia Securities Berhad (“Bursa Securities”) and the Malaysian Code on Corporate Governance (“MCCG”). This Statement outlines the nature and scope of risk management and internal control of the Group during the financial year under review and up to the date of approval of this statement and covers all of the Fund’s operations as guided by the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers and taking into consideration the recommendations of the MCCG 2017. BOARD’S RESPONSIBILITIES The Board recognises and affirms its overall responsibility in maintaining a risk management framework and internal control systems as well as to review the adequacy and integrity of the system. The system of risk management and internal control covers financial, operational, management information systems, organisational and compliance controls. In view of the limitations that are inherent in any systems of internal controls, the internal control and risk management are designed to manage risk within tolerable levels rather than eliminate the risk of failure to achieve business objective. Accordingly, it should be noted that these systems can only provide reasonable but not absolute assurance against material misstatement or loss. There is an ongoing process for identifying, evaluating and managing the significant risks faced by the Group in its achievement of objectives and strategies. The process has been in place during the year up to the date of approval of the annual report and is subject to review by the Board. RISK MANAGEMENT AND INTERNAL CONTROL Risk Management The Board fully supports the contents of Principle B of the MCCG which calls for the establishment of an effective risk management and internal control framework and the disclosure thereof. The Board is assisted by the Board Audit and Risk Committee (“BARC”) in evaluating, assessing and reviewing the adequacy of the Group’s system of risk management. The oversight role of risk management is carried out by the Board and BARC. Mandate and commitment from the Board and BARC are key contributors to the success factors in the implementation of enterprise risk management programmes. The Board and BARC set the strict direction for risk roles, responsibilities, and risk reporting structures. The BARC is assisted by the Enterprise Risk Management (“ERM”) Committee, which consists of the CEO & Executive Director, and respective heads of department. The function of the ERM Committee is to drive risk management guided by the ERM Policy and Framework to ensure effective identification of emerging risks and management of identified risks through implementation of appropriate controls and risk treatment strategies. Risk owners who are also ERM Committee members are managers or heads from the divisional units to identify and evaluate the risks related to their business objectives or budgets against which performance is measured and to establish the risk profiles during the risk assessment sessions. The discussions relating to ERM, and risk profiles are carried out through the ERM Committee which sits every quarter. The periodic reporting to both the Board and BARC on the risk management activities undertaken by the ERM Committee, to keep the Board and the BARC apprised and advised of all aspects of the enterprise risk management, and significant risks and risk trends.
RkJQdWJsaXNoZXIy NDgzMzc=