ENRA Group Berhad Annual Report 2019

50 ENRA GROUP BERHAD ∞ Annual Report 2019 page Management of Significant Risks • The management of the significant risks identified for the financial year ended 31 March 2019 are as follows: 1. Strategic Management Risks in managing principals and customers. Currently the sales team’s plan is to continue to increase knowledge and competency to add value to our services that will ensure dependency from both customer and principal. We focus on education, diversification, and transfer of knowledge to maintain and enhance the relationship in this ever challenging and changing environment. 2. Environmental Risk exist as we are operating within both the oil & gas and property development industries/ segments which are exposed to compliance risk of the laws and regulations including those relating to health, safety, environment and compliance with the various certifications required for the industries. We currently have various preventive maintenance programs, training and development, and processes for risk assessment and monitoring and control based on ISO9001 quality objectives. There is an approved plan to build our own chemical refilling and storage facility with proper safety and environmental control system. 3. Project Completion Risk, as the Group has businesses both locally and overseas and is exposed to various risks relating to delay in procuring materials, project management risks, occupational health and safety risk, political risk, credit risk, foreign exchange risk, payment issuance and communication barriers. The Group has embarked on a more stringent role in terms of monitoring projects both locally and overseas such as appointing key people as project managers and regular monitoring, liaising with Group Legal on the terms of contracts and reporting on project progress to EXCO. Risk Management based on ISO 31000 PRINCIPLES A. Creates and protects value B. Integral part of organizational processes C. Part of decision making D. Explicity addresses uncertainty E. Systematic, structured and timely F. Based on the best available information G. Tailored H. Take human and cultural factors into account I. Transparent and inclusive J. Dynamic, interactive and responsive to change K. Facilitates continual improvement and enhancement of the organisation FRAMEWORK PROCESS Mandate and commitment Establishing the context Risk identification Risk analysis Risk evaluation Risk treatment Design of framework for managing risk Monitoring and review of the framework Continual improvement of the framework Implementing risk management Communication and consultation Monitoring and review Risk assessment Statement on Risk Management and Internal Control