2022 UEM Edgenta Annual Report

STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL

RISK MANAGEMENT COMMITTEE

The Risk Management Committee (“RMC”) is responsible for implementing the policies and procedures established by the Board and the Board Governance and Risk Committee (“BGRC”) in ensuring a sound and robust Risk Management Framework (“RMF”) to achieve the Group’s strategic objectives and safeguard shareholders’ investments and the Group’s assets.

The RMC is chaired by the Group’s Managing Director/Chief Executive Officer and consists of Head of Companies of the Group and co-opted members from the management team of the Group.

The RMC undertakes the following responsibilities:

- Review and recommend risk management policies and procedures for the approval or acknowledgement of the BGRC and Board and Managing Director/Chief Executive Officer respectively;
- Act as Primary Champion of risk management at strategic and operational levels;
- Review the ongoing adequacy and effectiveness of the risk management process;
- Review and deliberate on identified risks, controls and risk mitigating strategies to ensure that these are adequately managed;
- Review the Group’s resilience in the event of a crisis or disaster and ensure adequate insurance coverage against key risks and perils;
- Review and implement compliance programmes to drive and embed a culture of ethical behaviour and integrity; and
- Ensure that the BGRC and Board receive adequate and appropriate information for review and decision-making purposes.

The RMC is assisted by the Risk, Integrity & Compliance Department (“RICD”), which is primarily responsible for the implementation of the risk management, business resilience and compliance integrity processes and practices within the Group. A Charter, which defines RICD’s responsibilities, scope and authority, has been established and endorsed by the Board.

RISK MANAGEMENT

Managing risks is an integral part of the Group’s daily business activities and management decision-making process. It involves identifying, assessing, monitoring and managing risks and uncertainties that could inhibit the Group’s ability to achieve its strategy and strategic objectives.

Risk Management Framework

The Group has in place a Risk Management Framework (“RMF”) that provides the foundation and organisational arrangement for managing risk across the Group. Principally aligned with ISO:31000, the RMF sets out the context and objectives, emphasising enterprise-wide risk assessment and management encompassing the identification, assessment and measurement, mitigation responses, as well as monitoring, communicating and reporting of risks. The RMF serves as a tool in managing both existing and emerging risks with the objective of enhancing and protecting stakeholders’ interests and, at the same time, safeguarding the Group’s assets and reputation.

[Figure: KEY FEATURES OF RISK MANAGEMENT FRAMEWORK. Features shown: Risk Appetite (the amount of risk that the Company is prepared to accept or retain in pursuit of its business objectives and value); Risk Assessment Methodology; Risk Governance and Structure; Information & risk reporting; Policy and Review. Governance structure shown: Board of Directors; Board Governance and Risk Committee; Risk Management Committee; Risk, Integrity & Compliance Department; Risk Management Unit Committee; Risk Owners (Company/Joint Venture/Business Unit/Division/Department/Function/Project/Process & etc.). Process labels shown: Clarify objectives; Communicate; Establish context; Monitor, review & report risks; Identify risks; Respond to risks; Assess risks.]

Risk Management Approach

The Group’s risk management approach adopts a process which entails a consistent and systematic approach in the identification, assessment, monitoring and reporting of risk exposures. The risk management process is applied throughout the whole of the Group (enterprise level) or to any part of a business (i.e., divisions, departments, functions, business units and projects). The risk management approach comprises sequential steps of activities that are interrelated and iterative as follows:

a. Set/clarify business objectives
Set and understand the objectives for the Group and/or its business.

b. Establish the context
Establish the context and boundaries within which the Group and/or the business operates.

c. Risk Identification
Identify risks together with their respective causes and consequences which could affect/influence the achievement of the Group and/or business objectives.

d. Risk Assessment
Identified risks are prioritised to determine the overall effect on the Group and/or business by evaluating the potential impact on business objectives should a risk materialise together with the likelihood of its occurrence.
