Al-`Aqar Healthcare REIT Annual Report 2019

Specific roles and responsibilities for risk management are summarised as follows:- ROLES PRINCIPAL RESPONSIBILITIES FOR ERM BOARD OF DIRECTORS 1. Adopt the ERM Policy; 2. Articulate and provide direction on risk appetite, organisational control environment and risk culture; 3. Final decision on risk parameters, risk appetite, risk profiles, risk treatment options, and risk action plans; 4. Assess and keep abreast with key risk indicators; and 5. MonitortheoverallERMframework’sperformanceand implementation effectiveness. EXECUTIVE COMMITTEE (EXCO 1. Provide guidance and advice on appropriateness of risk treatment option selected and risk action plans development; 2. Articulate and challenge risk ratings, control effectiveness, risk treatment options and risk action plans identified by risk owners; and 3. Provide an independent view on specific risk and control issues, the state of internal controls, trends and events. RISK MANAGEMENT COMMITTEE 1. Assist the Board in establishing and maintaining effective policies and guidelines to ensure proper management of risks to which the company/Fund is exposed to and to take appropriate and timely action to manage such risks; 2. Review and endorse the risk parameters, risk appetite, risk profiles, risk treatment options, risk action plans and key risk indicators; 3. Communicate requirements of the ERM Policy to staff and ensure continuous enhancement of ERM. 4. Formulate and implement ERM mechanism to accomplish requirements of the ERM policy; 5. Discuss, rank and debate risk ratings, control effectiveness, risk treatment and action plans identified by risk owner; and 6. Ensure that the ERM reports prepared are submitted to Board of Directors in a timely manner, and special risk report/flash reports are submitted in the event of any risk(s) that required urgent attention. RISK MANAGEMENT DEPARTMENT 1. Continuously communicate, evaluate and improve the ERM Policy and ERM mechanism; 2. Facilitate the risk assessment, implementation of risk action plan and key risk indicators process; 3. Prepare risk parameters, risk appetite, monitoring of risk action plans and provide independent review on key risk indicators; 4. Provide independent input on risk assessment (risk types and risk ratings), and action plans comprehensiveness; 5. Conduct risk identification, evaluation and review of risk treatment process on a periodic basis to ensure the Group’s risk management effectiveness; 6. Prepare and report to the RMC in a timely manner, and ensure special risk report/flash report is prepared in the event of any risk(s) that required urgent attention; and 7. Lead the ERM educational programmes, and continuous sharing insights into risk and market trends with risk owner. RISK OWNERS 1. Identification and assessment of risks, implementation and monitoring of risk action plans and key risk indicators; 2. Prepare and report to the Risk Officer on a timely manner and timely preparation of flash reports in the event of any risk(s) that required urgent attention; and 3. Maintain highest alert on both internal and external activities or circumstances that may have adverse risk impacts and consequences. 05 ESSENCE OF CORPORATE GOVERNANCE 94