2019 UEM Edgenta Annual Report

122 123 UEM Edgenta Berhad UEM EDGENTA AT A GLANCE MESSAGE FROM OUR LEADERSHIP STRATEGIC FOCUS OPERATIONAL REVIEW SUSTAINABILITY EFFORTS CORPORATE GOVERNANCE INTRODUCTION FINANCIAL REVIEW ADDITIONAL INFORMATION Annual Report 2019 Statement on Risk Management and Internal Control a. Set / clarify business objectives: Understanding of what the objectives are for the Company and its group of companies. b. Establish context: Establish the context and boundaries within which the Group operates. c. Identify risks: Risk(s) are those internal or external factors which could affect / influence the achievement of business objectives either positively or negatively. d. Assess risks: Prioritise risks by evaluating the potential impact on business objectives if a risk were to materialise together with the likelihood of occurrence. The Group adopts the following risk rating matrix to articulate the relationship between risk impact and likelihood. Risk Rating Likelihood Risk Impact Insignificant Minor Moderate Major Catastrophic Certain Medium Significant Significant High High Likely Medium Medium Significant Significant High Possible Low Medium Medium Significant High Unlikely Low Medium Medium Significant Significant Remote Low Low Medium Medium Significant e. Respond to risks: The Group adopts the 4Ts strategy in responding to the identified risks and qualify these according to the acceptable levels. f. Monitor, review and report risks: Risk events and trends to be continually scanned, assessed and monitored and similarly risk responses are monitored continuously to ensure that risk responses are operating as designed and expected. g. Communicate: Communication is required for an effective risk management programme. Changing business condition continuously alter the risk profile of an entity, hence, frequent and explicit conversation about risk is vital to maintain continued awareness and management of key risks. Terminate Avoidance by not to proceed or continue with a particular activity or seeking alternative means to achieve objective Treat Mitigation plans established to reduce the likelihood & impact Take Intentionally taking risk due to inherent / unavoidable risk or to pursue / sustain higher returns, with informed approval by appropriate level Transfer Transfer the risk by moving the risk to 3 rd party but accountability still resides with Risk Owners Statement on Risk Management and Internal Control Risk Identification Process Risks are those internal or external factors which could affect / influence the achievement of business objectives either positively or negatively. • Risk waterfall is used to systematically identify the 1 st , 2 nd and 3 rd order effects of each risk event; link some of the events into cascades: a) 1 st Order Effects: Effects that have a direct impact on financial performance. b) 2 nd Order Effects: Effects that have an indirect impact on financial performance; they influence another element in industry or value chain consequently altering the dynamics in the marketplace. c) 3 rd Order Effects: Effect of macroeconomic that affect the entire economy. Watch for Interdependent & Cascading Risk Drivers Company Healthcare Support, Property & Facility Solutions, Infrastructure Services and Asset Consultancy: - Market / Industry - Operations - Financials - Compliance - People - Management Information System P u b l i c P o l i c y E n v i r o n m e n t a l R e g u l a t o r y G e o p o l i t i c a l D e m o g r a p h i c s E c o n o m i c P a n d e m i c s T e c h n o l o g y F i n a n c i a l S t r a t e g y C u s t o m e r C a p i t a l / F u n d i n g M a r k e t S u p p l y C h a i n D is t r i b u t i o n C o m p e t i t o r s ’ R e s p o n s e