FGV HOLDINGS BERHAD | ANNUAL INTEGRATED REPORT 2023 147 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL Driving this process is the Group Risk Management Division (GRMD), entrusted with the development and upkeep of the risk management policy and framework. GRMD provides invaluable support to both the Board and Management, facilitating the implementation of a risk-aware culture, methodology, and the tools and skills necessary for effective risk oversight. The Risk Management Framework follows a dual-pronged approach, combining a top-down perspective for identifying the Group’s key risks with a bottom-up approach to pinpointing operational risks. Quarterly reporting of key risks to Sector Risk Committees precedes deliberation and guidance, ensuring alignment within acceptable levels and the Group’s strategic objectives and risk appetite. RMC and BGRMC further scrutinise these risks in a tiered escalation process, with RMC conducting periodic deep-dive reviews to support relevant strategic topics on its agenda. More information on BGRMC can be found in the Corporate Governance Overview Statement on pages 136 to 137. RISK MANAGEMENT FRAMEWORK The primary aim of the Risk Management Framework is to facilitate the realisation of FGV’s strategic objectives by fostering clarity and proactive behaviour. This involves: PROCESS Monitoring and Review The monitoring and review process tracks the current status of the risk profile, detects changes in the risk context and ensures that the controls are adequate in both design and operation. RISK ASSESSMENT RISK REPORTING Communicate and consult with internal and external stakeholders, as appropriate, at each stage of the risk management process. ESTABLISH CONTEXT Establish the strategic, organisational and risk management process context by considering the environment within which the risks are present. RISK IDENTIFICATION Identify uncertainty arising from risk events that may impact the achievement of objectives, which form the basis for further analysis. RISK ANALYSIS Assess risks in terms of impact and probability, and plot them on the FGV risk matrix to derive a prioritised list of risks for further action. RISK EVALUATION Establish an understanding of the risks by considering the relationships between the causes, risks and effects and thus enable the evaluation of key risk mitigations. RISK TREATMENT Identify controls and responses to manage inherent risks to an acceptable residual risk level. PHASE 1 PHASE 4 PHASE 3 PHASE 2 PHASE 5 1 Understanding the Risk Landscape: Thoroughly assessing the risk landscape to comprehend specific risks and potential exposures. 2 Decision-Making on Risk Mitigation: Determining the most suitable approach to address identified risks, with the overarching goal of mitigating overall potential exposures. 3 Implementation of Risk Management Methods: Employing appropriate methods to actively manage the identified risks in a strategic manner. 4 Monitoring and Assurance: Continuously monitoring and seeking assurance on the effectiveness of the implemented risk management methods. Taking corrective action where necessary to enhance risk management processes. 5 Periodic Reporting: Providing periodic reports to both the Management and Board. These reports detail how significant risks are being addressed, monitored, assured, and mitigated, ensuring transparency and accountability in the risk management processes.
RkJQdWJsaXNoZXIy NDgzMzc=