165 INTEGRATED ANNUAL REPORT 2024 Overview of Wasco Berhad Key Messages Value Creation Commitment to Governance Sustainability Journey Financial Statements Other Information STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL Review and Monitoring Communication and Consultation Establish the Context • Key objective for risk management • Risk Appetite Risk Identification • Identify the risks • Risk Categories Risk Assessment • Gross Risk Assessment • Net Risk Assessment • Identify likelihood, Impact and Risk Matrix Risk Evaluation • Evaluate risk • Determine acceptability Risk Treatment • Accept • Avoid • Transfer • Reduce (likelihood and/or Impact) RISK MANAGEMENT The Group Risk Management Framework, which is embedded in the management system of the Group, clearly defines the authority and accountability in implementing the risk management process and internal control system. The Management via RMC assists the Board in implementing the process of identifying, evaluating, and managing significant risks applicable to their respective areas of business and in formulating suitable internal controls to mitigate and control these risks. The Management also provides reasonable assurance that the Group’s risks and internal control systems are effective. All business segments and major departments within the Group conducted risk assessments to identify risks relevant to their areas of responsibility. They analyzed the likelihood of these risks occurring, assessed their potential impact, evaluated the risk levels, and identified existing controls and actions needed to manage these risks to an acceptable level. The resulting risk profiles are documented in risk registers, with each business or operational area maintaining its own register. This process is facilitated by the Group Risk Management. The risk assessment report is submitted to the RMC on a quarterly basis. During the quarterly RMC meetings, the significant risk identified by the business units are presented for deliberation. The RMC reports to the BSC on the significant risk affecting the Group as well as any substantial changes in the business and external environment that may impact the key risks identified. Through the BSC, the Board has approved the Risk Management Framework, which outlines the governance structure and assigns responsibilities across various levels of management and operations. The ultimate responsibility for implementing the framework rests with top management and members of the Wasco Berhad Group Management. This implementation is evidenced by the integration of effective risk management practices into relevant business processes, supporting decision making to achieve the Group’s objectives. RISK MANAGEMENT FRAMEWORK The RMC primarily develops, executes, and manages the risk management system to ensure that the Group’s corporate objectives and strategies are achieved within its acceptable risk appetite. It reviews, addresses, and responses to significant identified risks, including non-compliance with applicable laws, regulations, rules, and guidelines, as well as changes to internal controls and management information systems. Additionally, the reviews encompass outputs from monitoring processes and ongoing evaluations of identified risks and the effectiveness of mitigation strategies and controls. Risk Management Process Step 01 Step 04 Step 05 Step 02 Step 03
RkJQdWJsaXNoZXIy NDgzMzc=