STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL The threat of COVID-19 pandemic since early 2020 is effectively managed and contained through risk assessments, situational analysis, case management and mitigation measures. Standard operating procedures are regularly reviewed in accordance to the legislative requirements and best practices. Cybersecurity conducts risk assessments on emerging technology areas, collaborates with operating units on internal and external audits and ensuring audit findings on cybersecurity areas have been closed satisfactorily. Regular reviews are done to continuously improve operational processes. HSSE assurance is carried out on the respective business segments, vessels and floating facilities by Group HSSE with the objective to verify, evaluate and review the HSSE operational activities to ensure their operational integrity and reliability are maintained at all times, consistent with international regulations, HSSE controls and internal policies. The Group’s vessels are subjected to stringent audits, vetting and inspections to meet various regulatory and commercial requirements. These include vetting by oil majors, audits by the Malaysian Marine Department and ship classification societies to maintain international safety and security management certification under the relevant codes. In addition, MISC is also subjected to periodic management reviews by its customers’ risk management units. The Group HSSE Council, chaired by the President/Group CEO with the MC and MD/CEO of all subsidiaries as members, reviews the Group HSSE performance on a monthly basis and HSSE policies and strategies periodically, to ensure that they are in line with business objectives. The BSRC will then be updated on the HSSE quarterly performance while the BAC oversees the HSSE risk and control effectiveness through review of the assurance findings on a half yearly basis. With regard to the associate companies and jointly controlled entities, the Board does not regularly review their internal control systems as the Board has no direct control over their operations. Nevertheless, MISC’s interests in the associate companies and jointly controlled entities are served via representations on the boards as well as review of management accounts and enquiries thereof. MISC’s GIA supports the BAC by providing independent review on the adequacy of risk management, governance as well as the efficiency and effectiveness of the internal control systems. The authority, responsibilities and scope of work are defined in the approved Internal Audit Charter, which is aligned with the principles outlined in the International Professional Practices Framework (IPPF). In performing its audit engagements, GIA refers to the internal control framework and guideline issued by the Committee of Sponsoring Organisations of the Treadway Commission (COSO). COSO is an internationally recognised organisation providing guidance on internal control, enterprise risk management and governance. Further information on the internal audit functions are set out in the Statement of Internal Audit on pages 208 to 209 in the BAC Report of this Integrated Annual Report. Group Internal Audit Other Matters Affirmation by the Board Review by External Auditor Conclusion The Board has received assurance from the President/Group CEO and VP Finance that the internal control and risk management systems of the Company and its subsidiaries for the year under review up to the date of approval of the statement are, in all material aspects, operating adequately and effectively. During the financial year under review, there was no significant control failure or weakness that would result in material losses, contingencies or uncertainties requiring separate disclosure in this Integrated Annual Report. The external auditor, Messrs. Ernst & Young PLT, has reviewed this Statement on Risk Management and Internal Control for inclusion in the Integrated Annual Report for the financial year ended 31 December 2022, in compliance with paragraph 15.23 of the Listing Requirements in accordance with guidelines issued by the Malaysian Institute of Accountants and reported to the Board that nothing has come to their attention to cause them to believe that the statement intended to be included in the Integrated Annual Report is not prepared, in all material respects, in accordance with disclosures required by Paragraph 41 and 42 of the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuer, or that the statement is factually inaccurate. For the financial year under review, based on enquiry, information and assurance provided, the Board is satisfied that the internal control and risk management systems were generally satisfactory. Measures would continuously be taken to ensure ongoing adequacy and effectiveness of the internal control and risk management systems, and to safeguard the Group’s assets and shareholders’ investment. This statement is made in accordance with the resolution of the Board of Directors dated 23 February 2023. 235 234 Governance Governance MISC Berhad Integrated Annual Report 2022
RkJQdWJsaXNoZXIy NDgzMzc=