Quarterly risk assessments, guided by the Enterprise Risk Management ("ERM") Policy and Framework, inform a detailed risk register, spanning strategic, financial, operational, compliance, IT, and integrity risks. Notably, the ERM Policy and Framework incorporate reclassifications such as ESG Risk, Market Risk, and Partnership Risk. We conducted a supplier risk assessment this year, covering environmental, social, labour, health and safety, tax, and data protection issues which revealed no high risks. Regular communication and reporting mechanisms ensure risk owners address potential issues, presenting progress and mitigation plans at Management Committee meetings. The essential national laws, regulations, and guidelines that pertain to the REIT's business encompass but are not restricted to: Source: Corporate Services The REIT complies with the Occupational Safety and Health Act (OSHA Act) concerning Building Management, upholding our pledge to foster a safe and healthy work environment across all buildings under our management. Source: Legal Unit/ Operations/ Property Manager/ Service Manager DATA PRIVACY AND CYBERSECURITY In our role as custodians of extensive data, including tenant information, financial records and operational details, the REIT places great importance on protecting this information from unauthorised access, breaches and cyber threats. As digital services become integral to the REIT's operations, a robust cybersecurity framework is imperative to mitigate potential cyber-attacks, ensuring business operations continuity and preventing reputational damage. Our Approach Al-Salām REIT implemented initiatives and programmes designed to safeguard the privacy of both customers and employees. Notably, the REIT has established a User Access Rights Matrix, ensuring that access to sensitive information is only granted to authorised personnel. The REIT also strictly adheres to the Personal Data Protection (“PDP”) Policy in compliance with data protection regulations. In anticipation of potential security or privacy breaches, Al-Salām REIT instituted a Cyber Security Procedure. This procedure outlines essential measures to be taken in the event of a data breach, emphasising a swift response to mitigate risks and protect the integrity of information. Collectively, these initiatives reinforce the REIT's data privacy and cybersecurity, ensuring the resilience of our operations and stakeholder trust. Our Performance We are pleased to announce that for this financial year, there have been no instances of data breaches or loss of customer data, serving as a testament to the effectiveness of our data privacy and cybersecurity protocols. 73 ROBUST CORPORATE GOVERNANCE SUSTAINABILITY STATEMENT • Capital Market Services Act 2007 • Income Tax Act 1967 • Main Market Listing Requirements • EPF Act 1991 • Guidelines on Listed REITs • Malaysian Code on Corporate Governance (“MCCG”) • Guidelines on Islamic Capital Market Products and Services • Guidelines on Corporate Governance for Capital Market Intermediaries ZERO incidents of data breaches and loss of customer data
RkJQdWJsaXNoZXIy NDgzMzc=