75

F i m a C o r p o r at i o n B e r h a d ( 2 1 1 8 5 - P ) •

A n n u a l R e p o r t 2 0 1 8

ORGANIZATION

HIERARCHY

BOARD

(Executive

Management)

VISION

EXTERNAL

RISKS

INTERNAL

RISKS

Divisions & SBU

(Senior Management &

Mid-Management)

Strategic

Objectives & Goals

Operational

Goals & Targets

Operation/Functions

(Executives & Staff)

BUSINESS

OBJECTIVES

HIERARCHY

FRAME OF

REFERENCE

ALIGNED

Board of Directors retains the overall risk management responsibility in accordance with Best Practice of the Malaysian

Institute of Corporate Governance, which requires the Board to identify principal risks and ensure the implementation of

appropriate systems to manage these risks.

STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL

The ERM framework adopted by the Group encompasses the risk assessment process, organisational oversight and

reporting function to instil the appropriate discipline and control by continuously improving risk management capabilities. Risk

assessment, monitoring and review of the various risks faced by the Group are a continuous process within the key operating

units with the RMC playing a pivotal oversight function.

The ERM assessment was conducted through a combination of workshops and interviews involving the senior management

and the key enterprise risks faced around the Group’s business units are then reported to the Audit Committee on annual

basis. The workshops and interviews conducted have generated the following reports:

• Detailed Risk Register.

• Risk Parameters.

• ERM Report.

These reports were summarised as risk profile and provide the basis for the following:

• Business action plans and improvement strategies.

• Developing cost effective control strategies.

• Prioritisation of areas for operational audit.

All subsidiaries within the Group will update and present their risk profiles to the RMC on an annual basis for the RMC’s review

and approval.