Fima CORPORATION Berhad

(197401004110) (21185-P) •

Annual Report 2020

91

The RSC, as a sub-committee to the ARC, is entrusted with the responsibility of implementing and maintaining the ERM framework to

achieve the following objectives:

(a) Communicate the vision, role, direction and priorities to all employees and key stakeholders.

(b) Identify, assess, treat, report and monitor significant risks in an effective manner.

(c) Enable systematic risk review and reporting on key risks, existing control measures and any proposed action plans.

(d) Heightening risk awareness culture in the business processes through risk owners’ accountability and sign-off for action plans and

continuous monitoring.

(e) Compilation of the business units’ risk profiles in relation to the Group risk parameters, the top risks from each business segment.

Below are the steps of compilation of risk information conducted within the Group:

Prepare

RMU prepares

the Risk Register

indicating the

current condition of

each risk and plan

Compile

Risk Management

Coordinator

compiles all Risk

Registers

Review

RSC review Risk

Registers together

with RMU annually

Update

Risk Register is

updated based

on the latest risk

information

Monitor

RMU is to monitor

and report risk

information

1

2

3

4

5

The Board retains the overall risk management responsibility in accordance with Best Practice of the Malaysian Institute of Corporate

Governance, which requires the Board to identify principal risks and ensure the implementation of appropriate systems tomanage these risks.

Organisation

Hierarchy

BOARD

(Executive

Management)

Vision

division & SBU

(Senior Management

& Mid-Management)

Strategic

Objectives & Goals

External

Risks

internal

Risks

operations/functions

(Executive & Staff)

operational

Goals & Targets

Business

objectives

Hierarchy

FRame of

reference

Aligned

The Board reviews the effectiveness of the risk management and internal control system through the following monitoring and assessment

mechanisms:

•

Quarterly reviews on the Group’s actual financial and operational performance versus planned performance and other key financial

and operational performance indicators.

•

Reviews of specific transactions, projects or opportunities are also discussed between the management and the Board as and when

required. This allows the Board and management to manage potential risks.

•

The ARC deliberates and discusses reports issued by the GIA and external auditors pertaining to financial, operational, governance,

risk management and control matters. The status of preventive and corrective actions for issues discussed are also updated to the

ARC to enable monitoring of the actions.