2021 UEM Edgenta Annual Report

GOVERNANCE

STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL

The Group has dedicated teams to carry out Quality Assurance/Quality Control, and Health, Safety and Environment activities to ensure continuous improvement of processes and ongoing compliance with the established internal policies and procedures, International Management System Standards, contracts and relevant legal requirements.

Organisational Structure

The organisational structure of the Group is clear and detailed, defining the roles, responsibilities and reporting lines of the various Committees of the Board; Management of the Corporate Office and subsidiaries; departments and individuals. The Board appoints the Managing Director/Chief Executive Officer of the Group, Chief Financial Officer, Chief Strategy Officer, Chief People Officer, Chief Digital Officer, and Heads of Divisions within the Group, as well as mission-critical positions. The organisational structure is reviewed regularly to assess its effectiveness and to ensure that it is in line with any changes in business requirements.

Operating Plans and Strategies

The Group undertakes a comprehensive annual budgeting and forecasting exercise to ensure that the business plans developed for the respective operating divisions are in line with the Group’s 5-year operating plan and its short-term and long-term strategic plans. Each operating division is responsible for carrying out a comprehensive analysis and identifying the strategic priorities as part of the formation process of the Group Annual Operating Plan (“AOP”), 5-year operating plan and strategic plan. It also includes the establishment of Key Performance Indicators (“KPIs”), which are deliberated and approved by the Board. The approved AOP, 5-year operating plan and strategic plans are then cascaded to the senior management team across the Group’s business divisions for planning and execution.

The Group monitors the business performance of the respective business divisions through its KPIs and measures it against the approved AOP, 5-year operating plan and strategic plan on a regular basis in the management reports. The management reports analyse and highlight variances against the plan after taking into consideration the macroeconomic sentiments and associated business risks. Similar reports and results are reviewed by the Board on a quarterly basis. The management is responsible for identifying and executing any mitigation actions, where necessary.

Employee’s Authority and Responsibility

UEM Edgenta’s internal controls are embedded within the responsibility of each employee as specified in the Job Description. The establishment of performance monitoring serves as a tool to monitor performance against the set KPIs and targets at various levels, covering key financials, customers, internal business processes and learning and growth indicators.

Discretionary Authority Limits

Clear delegation of authority is defined in the Discretionary Authority Limits (“DAL”), which sets the limit for strategic, operating and capital decisions and expenditures, as well as decision authority for each level of management within the Group, and also the Board’s authority. The DAL is reviewed from time to time to ensure effectiveness of strategic and operational executions.

Procurement

In line with UEM Edgenta’s Digital Transformation Initiatives, we have established new SOPs for procurement aligned to the Oracle System functions encompassing eight (8) key areas, namely, Procurement Strategy & Performance, Category Management, Vendor Management, Sourcing, Purchasing Admin, Contract Management, Master Data Management, and Inventory Management.

The potential risks pertaining to these key areas are mitigated through procedural governance and compliance monitoring of the SOP users. The SOPs will be reviewed periodically and updated as and when required to ensure continuous improvement of internal controls, taking into consideration any additional process improvement required. The provisions for Integrity & Compliance (i.e., Code of Conduct for Business Partner, Business Partners Letter of Declaration) and HSSE Management Requirements are incorporated accordingly in the procurement terms and conditions to create awareness of our anti-bribery, anti-corruption, safety and accountability policies amongst our suppliers and contractors at the early stage of engagement with these stakeholders.

Insurance on Assets

Sufficient insurance coverage and physical safeguards on the Group’s assets, including its human resources, are in place to ensure adequate coverage against any mishaps that could result in material loss. Coverage typically includes damage to or theft of assets; liability coverage for the legal responsibility to others for accidents, bodily injury or property damage; and medical coverage for the cost of treating injuries and illnesses, rehabilitation and fatalities. Insurance coverage is reviewed regularly to ensure sufficient coverage in view of the changing business environment or assets.

Business Continuity Management

Business Continuity Management (“BCM”) is defined as an all-rounded management process that recognises possible threats to a company and the effects on business operations they may cause, and offers an outline for building organisational flexibility with the aptitude for an effective response that protects the interests of its key stakeholders, reputation, brand and value-creating actions.

UEM Edgenta continues to deliver an effective BCM programme as part of its efforts to enhance organisational resilience that enables effective response to continue operations and deliver critical services in the event of crisis and business disruption.

[Figure: Under the Umbrella of Business Continuity Management Integrated Solutions. Business Continuity: Relocation; Disaster Recovery: IT Recovery & Continuity; Emergency Response: Life Safety; Crisis Management: Business Protection]
