100 / 232
Kumpulan Fima Berhad
(11817-V)
98
STATEMENT ON RISK MANAGEMENT
AND INTERNAL CONTROL
In line with the achievement of the above objectives, the RMC has undertaken the following:
•
reviewed the extent of the controls and measures which have been put in place by each Risk Management Unit (“RMU”)
to ensure the risks are managed to an acceptable level. Below are the steps of Enterprise Risk Management conducted
within the group:
•
heightened risk awareness culture in the business processes through risk owners’ accountability and sign-off for action
plans and continuous monitoring;
•
compilation of the business units’ risk profiles in relation to the Group risk parameters, the top risks from each business
segment and reported to the RMC for review, deliberation and approval; and
•
fostered a culture of continuous improvement in risk management through risk review meetings; and provided a system
to manage the central accumulation of risk profiles data with risk significance rating for the profiles as a tool for prioritising
risk action plans.
Board of Directors retains the overall risk management responsibility in accordance with Best Practice of the Malaysian Institute
of Corporate Governance, which requires the Board to identify principal risks and ensure the implementation of appropriate
systems to manage these risks.
Each RMU
updates the Risk
Profile indicating
the current
condition of each
risk and plan
Risk
Management
Coordinator
compiles all the
Risk Profiles
RMC Reviews
the Risk Profiles
together with
RMU annually
Risk Profiles
updated with the
updated controls
and measures to
be taken
RMU to monitor
and report on the
controls and the
condition of each
risk
BOARD
(Executive
Management)
Vision
External
Risks
Internal
Risks
Strategic
Objectives &
Goals
Operational
Goals & Targets
Organisation
Hierarchy
Business
Objectives
HieraRchy
Frames of
reference
aligned
Divisions & SBU
(Senior mangement &
Mid-Management)
Operation/Functions
(Executives & Staff)