Statement on Risk Management and Internal Control KEY INITIATIVES 2024 The key initiatives drive the implementation of framework and process methodology enhancements, fostering resilience and preparedness against key risk threats. KEY INITIATIVES OUTCOME Development of FGV Group Divisional Risk Appetite Statement Advanced to Phase Two of the RAS project, cascading the enhanced Group RAS into operational guidelines for its business divisions. Workshops held between February and April 2024 facilitated alignment across all levels, and the completed Divisional RAS was endorsed by the RMC in October 2024. This initiative aligns divisional risk-taking with FGV’s strategic objectives while maintaining strong governance. Tailored to diverse business needs, the Divisional RAS supports informed decision-making, ensuring risks are managed effectively to drive business growth in a responsible manner. Competency Framework for Risk, BCM, and Governance Champions Introduced a competency framework for Risk, BCM, and Governance Champions in collaboration with GRMD, the Group Governance Management and Group Human Capital. Rolled out in Q2 2024, it included framework development which included self-assessments and panel evaluations, and skill gaps analysis for intervention programmes, was subsequently approved by the RMC. The framework identifies competency gaps and delivers structured development initiatives to enhance the skills and expertise of champions. This approach strengthens risk management, business continuity, and governance, ensuring these functions remain effective and aligned with evolving business needs. BCM System Formalised the BCM System to enhance resilience against potential disruptions, minimising impact on operations, supply chains, and costs. The system automates key BCM processes, including Risk Assessment (RA), Business Impact Analysis (BIA) to identify Critical Business Functions (CBF), BCP Recovery Strategy development, BCM incident management, Crisis Communication, and reporting. The system strengthens resilience by centralising key information, streamlining crisis communication, and supporting decision-making. It prioritises recovery actions, ensures continuous monitoring, and captures lessons learned, minimising downtime, protecting reputation, and maintaining customer trust. Business Continuity Exercise Conducted a desktop cyber drill in collaboration with KPMG in January 2024. The exercise tested Senior Management and critical IT staff on applying the IT Business Continuity Process during cyber crisis scenarios. KPMG evaluated FGV’s crisis management maturity using its Crisis Management Maturity Scales, placing it between the “Formative” and “Established” stages. While progress has been made, there are opportunities to further strengthen response strategies for greater resilience and preparedness. 226 FGV Holdings Berhad | Annual Integrated Report 2024
RkJQdWJsaXNoZXIy NDgzMzc=