Background Image
Previous Page  54 / 158 Next Page
Information
Show Menu
Previous Page 54 / 158 Next Page
Page Background

page

52

FIMA CORPORATION BERHAD

(21185-P) |

Annual Report

2016

STATEMENT ON RISK MANAGEMENT

AND INTERNAL CONTROL

INTRODUCTION

This statement is in line with Paragraph 15.26(b) of the Main Market Listing Requirements (“MMLR”) on the

Group’s compliance with the Principles and Best Practices relating to internal control as stipulated in the Malaysian

Code on Corporate Governance 2012.

The Board acknowledges its overall responsibility for maintaining a sound system of internal control to safeguard

shareholders’ investments and the Group’s assets and for reviewing the adequacy and integrity of the system.

The Group’s system of risk management and internal control covers, inter alia, controls relating to financial

control, risk management, operational, management information systems and compliance with applicable laws,

regulations, rules, directives and guidelines. The process for identifying, evaluating and managing the significant

risks faced by the Group is on-going, regularly reviewed by the Board through its Audit Committee and has been

in place for the whole year under review. In view of the limitations that are inherent in any system of internal

control, the Group’s internal control system is designed to manage rather than eliminate risks that may impact the

achievement of the Group’s business objectives, and can only provide reasonable but not absolute assurance

against material misstatement or loss.

RISK MANAGEMENT

Risk management is regarded by the Board as an important aspect of the Group’s diverse and growing operations

with the objective of maintaining a sound internal control system. To this end, the Group has established the

appropriate risk management infrastructure to ensure that the Group’s assets are well-protected and shareholders’

value enhanced.

The Audit Committee and the Board are supported by a Risk Management Committee (“RMC”), headed by

the Senior Independent Non-Executive Director. The RMC in discharging its duties is supported by a Risk

Management Unit, comprising of senior management and headed by the Managing Director. The RMC identifies

and communicates to the Audit Committee and the Board the present and potential critical risks the Group faces,

their changes and the management action plans to manage these risks.

The RMC is entrusted with the responsibility of implementing and maintaining the enterprise risk management

(ERM) framework to achieve the following objectives:

communicate the vision, role, direction and priorities to all employees and key stakeholders;

identify, assess, treat, report and monitor significant risks in an effective manner;

enable systematic risk review and reporting on key risks, existing control measures and any proposed action

plans; and

create a risk-aware culture and building the necessary knowledge for risk management at every level of

Management.

In line with the achievement of the above objectives, the RMC has undertaken the following:

formalization of risk management policy and procedures and adopted a structured and systematic risk

assessment, monitoring and reporting framework;

appointment of a dedicated risk officer to coordinate the ERM activities within the Group, to supervise the

ERM policy implementation and documentation at Group level and to act as the central contact and guide for

ERM issues within the Group;