c o r p o r at e G O V E R N A N C E
74
The RMC is entrusted with the responsibility of implementing and maintaining the ERM framework to achieve the following
objectives:
(a)
Communicate the vision, role, direction and priorities to all employees and key stakeholders.
(b)
Identify, assess, treat, report and monitor significant risks in an effective manner.
(c)
Enable systematic risk review and reporting on key risks, existing control measures and any proposed action plans.
(d)
Create a risk-aware culture and building the necessary knowledge for risk management at every level of management.
Board of Directors
audit committee
risk management committee
risk management unit
risk management function
group internal audit
In line with the achievement of the above objectives, the RMC has undertaken the following activities:
(a)
Reviewed the extent of the controls and measures which have been put in place by each Risk Management Unit (“RMU”)
to ensure the risks are managed to an acceptable level. Below are the steps of conducted within the Group:
2.
Risk
Management
Coordinator
compiles all the
Risk Profiles
3.
RMC review the
Risk Profiles
together with
RMU annually
4.
Risk Profiles
updated with the
updated controls
and measures to
be taken
5.
RMU to monitor
and report on
the controls and
the condition of
each risk
1.
Each RMU
updates the Risk
Profile indicating
the current
condition of each
risk and plan
STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL
(b)
Heightened risk awareness culture in the business processes through risk owners’ accountability and sign-off for action
plans and continuous monitoring.
(c)
Compilation of the business units’ risk profiles in relation to the Group’s risk parameters, the top risks from each business
segment and reported to the RMC for review, deliberation and approval.
(d)
Fostered a culture of continuous improvement in risk management through risk review meetings and provided a system
to manage the central accumulation of risk profiles data with risk significance rating for the profiles as a tool for prioritising
risk action plans.