STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL INTRODUCTION The Board recognises the importance of a sound risk management and internal control framework for good corporate governance and safeguarding the Group’s assets and shareholders’ interests. Premised on this, the Board is committed to maintain an adequate risk management and internal control framework for the Group and ensuring their continued effectiveness and integrity through a process of periodic review. Guided by the Statement on Risk Management and Internal Control – Guidelines for Directors of Listed Issuers and Main Market Listing Requirements, the Board is pleased to present the Statement on Risk Management and Internal Control (“SORMIC”). RESPONSIBILITIES OF THE BOARD The Board assumes the responsibility for the effectiveness and adequacy of the Group’s risk management and internal control system and has delegated the responsibility of undertaking periodical review on the process to the Audit and Risk Committee (“ARC”), whose responsibilities and duties are detailed in its Terms of Reference. However, the Board as a whole remains ultimately responsible for the effectiveness, adequacy, and integrity of the system of risk management and internal controls. The Board is aware that the expansion into new areas of business and operating in different countries would involve new and different risk considerations. Whenever these events occur, the Board will, in addition to its normal risk management process, pay particular attention to the impact of the Group’s overall risk profile and sufficiency of existing internal controls in addressing the additional risks, if any. The Board has, during FY2023, continued to strengthen the Groups’ governance and risk management framework to identify, assess, mitigate, report, and monitor significant risks in an effective manner. The Board recognises the integral role of key management in the risk management and internal controls process. A Risk Management Committee (“RMC”) had been established and comprised of Senior Management of the Company to identify and assess the Group’s risks and thereafter to design, implement, and monitor the appropriateness of the risk management processes and internal controls so as to address and mitigate such risks. RMC reports to the Board through the ARC on material risks and the required matters arising items. GROUP RISK MANAGEMENT AND INTERNAL CONTROL SYSTEM The key functions and processes that the Board have established in reviewing the adequacy and effectiveness of the risk management and internal control systems of the Group include the following: Risk Management The Enterprise Risk Management Framework (“ERMF”) has become an important driver to address the risks the Group inevitably faces in delivering its strategies while balancing the appropriate level of risk taken without exposing itself to unacceptable potential losses or reputational damage. The ERMF has strengthened the risk management practices through integration of ERMF with business practices for better decision making and ultimately enhanced business performance to preserve the Group’s long-term value. The key features of the ERMF include: Risk Appetite It is defined as the amount and types of risk that the Group is willing to accept, in pursuit of its business objectives. The Group’s risk appetite is an integral component of the Group’s robust risk management framework. The risk appetite also provides a structure in understanding risk and is embedded in day-to-day business activities. 60 GHL SYSTEMS BERHAD 199401007361 (293040-D)
RkJQdWJsaXNoZXIy NDgzMzc=