page

78

KUMPULAN FIMA BERHAD

(11817-V) |

Annual Report

2016

The ERM framework adopted by the Group encompasses the risk assessment process, organisational

oversight and reporting function to instil the appropriate discipline and control for continuously improving risk

management capabilities. Risk assessment, monitoring and review of the various risks faced by the Group

are a continuous process within the key operating units with the RMC playing a pivotal oversight function.

The ERM assessment was conducted through a combination of workshops and interviews involving senior

management and the key enterprise risks facing the Group’s business units are then reported to the Audit

Committee on every quarter. The workshops and interviews conducted have generated the following reports:

•

Detailed risk register

•

Risk Parameters

•

ERM Report

These reports were summarised as risk profile and provide the basis for the following:

•

Business action plans and improvement strategies;

•

Developing cost effective control strategies; and

•

Prioritisation of areas for operational audit.

All subsidiaries within the Group will update their risk profile to the RMC on an annual basis.

The Group’s ERM programme is supported by the Risk Management Policy and Procedures (“the Policy”)

which is consistent with the current requirements of the Malaysian Code on Corporate Governance 2012.

The Policy will sensitise staff more strongly to risk identification, measurement, control, on-going monitoring,

responsibilities and accountabilities.

An overview of the Group’s risk assessment process is depicted as follows:

Define processes/activities/objectives

Identify controls

Identify risks

Determine control effectiveness

Determine risk rating

Determine current residual risk

Risk Profile

Preparation

Control Assessment