(b) Heightening the risk awareness culture in the business processes through risk owners’ accountability and sign-off for action plans and continuous monitoring.

(c) Compilation of the business units’ risk profiles in relation to the Group risk parameters, with the top risks from each business segment reported to the RMC for review, deliberation and approval.

(d) Fostering a culture of continuous improvement in risk management through risk review meetings, and providing a system to manage the central accumulation of risk profiles data, with a risk significance rating for the profiles as a tool for prioritising risk action plans.

The Board of Directors retains the overall risk management responsibility in accordance with Best Practice of the Malaysian Institute of Corporate Governance, which requires the Board to identify principal risks and ensure the implementation of appropriate systems to manage these risks.

[Figure: Organisation Hierarchy aligned with Business Objectives Hierarchy; frame of reference: External Risks and Internal Risks. Levels shown: BOARD (Executive Management), VISION; Divisions & SBU (Senior Management & Mid-Management), Strategic Objectives & Goals; Operation/Functions (Executives & Staff), Operational Goals & Target.]

The ERM framework adopted by the Group encompasses the risk assessment process, organisational oversight and reporting function to instil the appropriate discipline and control around continuously improving risk management capabilities. Risk assessment, monitoring and review of the various risks faced by the Group are a continuous process within the key operating units with the RMC playing a pivotal oversight function.

The ERM assessment was conducted through a combination of workshops and interviews involving the senior management, and the key enterprise risks faced by the Group’s business units are then reported to the Audit Committee on an annual basis. The workshops and interviews conducted have generated the following reports:

(a) Detailed Risk Register.

(b) Risk Parameters.

(c) ERM Report.

These reports were summarised as a risk profile and provide the basis for the following:

(a) Business action plans and improvement strategies.

(b) Developing cost-effective control strategies.

(c) Prioritisation of areas for operational audit.

corporate governance