MISC BERHAD 190 INTEGRATED ANNUAL REPORT 2023 191 www.miscgroup.com GOVERNANCE SECTION 12 Crisis Management Crisis Management is a holistic and cohesive approach designed to enhance MISC Group’s ability to anticipate, prepare for, respond to and manage crisis across all risk dimensions of people, environment, assets and reputation. In 2023, the MISC Strategic Crisis Management Guideline (SCMG) was established replacing MISC Group Crisis Management Plan, 2019. The SCMG provides details of the roles and responsibilities allocated under the crisis management structure and used in the preparation and planning of a crisis response across MISC Group. A three-tiered response system provides the demarcation of roles and responsibilities between emergency site management, business segment/subsidiary management, corporate and internal/external response to regulatory agencies and/or authorities. Tier 3 Crisis Tier 2 Major Incident Tier 1 Minor Incident An incident beyond MISC Group’s capacity to control and consequently requires action from Government and/or other external parties. There may be potential for multiple fatalities and severe damage/injury to assets/personnel and the environment involving neighbouring sites and surrounding communities. A situation where there is danger to life and risk of damage to environment, property and reputation. The incident is within the control of Business/Service Unit/Subsidiary with limited external assistance. A situation where there is no danger to life, nor risk or damage to environment, property and reputation. The incident is within the control of the unit/site with limited external assistance. Notification & Escalation Group Crisis Management Team Led by President / Group Chief Executive Officer (Group CEO) Emergency Management Team Led by respective MD/CEO or Vice President (VP) Emergency Response Team Led by On-Scene Commander An integrated crisis management drill was conducted in 2023 based on a simulated incident in order to test the effectiveness of the SCMG and the Crisis Management Team (CMT) in ensuring a coordinated and timely response during crisis. Additionally, drill exercises were conducted for emergencies on vessels and offshore facilities, validating response plans and promoting continuous improvement. These proactive measures highlight the Group’s commitment to enhancing crisis management capabilities, ensuring swift and effective responses to unforeseen challenges and fostering resilience. Business Continuity Management Business Continuity Management (BCM) aims to build the capability of the MISC Group to recover and continue the operations of critical business functions in the event of disruption. Established through the BCM process, the Business Continuity Plan (BCP) enhances MISC Group’s readiness to recover and restore essential business functions within a reasonable time to sustain business activities and minimise stakeholder disruption. Annual Business Impact Analysis and recovery plan reviews are carried out to ensure changes in the Group is risk-assessed, analysed and mitigated. The mitigation action also takes into consideration different work environments such as flexible working arrangement and other remote working arrangements. This is achieved seamlessly by the application of technology, deployment of digital platforms for communication and collaboration to ensure our teams are able to work remotely and effectively. Through the operational resilience that MISC Group has built over the years and the well-executed recovery plans, MISC Group was able to provide uninterrupted services to its clients, as well as internal and external stakeholders, globally. Statement on Risk Management & Internal Control Key Internal Control Processes in Enterprise Risk Areas MISC Group Management Framework (MGMF) functions as a guide that aligns the Group’s activities on an integrated platform providing the first point of reference with guiding principles for the following areas which defines how the Group fulfils its obligations to regulators, employees, customers, shareholders and the community: Corporate Governance and Communication Values Decision-making Philosophy Approach to Governance Management MISC Excellence Management System (ExMS) In operationalising MGMF, MISC uses myGOVERNANCE, a digital system that has been designed as a central hub to streamline document management across all levels to ensure compliance, facilitate online adoption, deviation handling and provide comprehensive performance reports for governance activities. myGOVERNANCE which was approved for implementation in August 2023, has been in operation since January 2024. During the year under review, MISC conducted 844 self-assessments via myASSURANCE, an online assurance platform, covering Health, Safety, Security, Cyber Security, Environment, Finance, Tax, Procurement and Legal areas to ensure compliance with internal governance requirements, established under the Group’s frameworks, guiding principles and guidelines. Other than self-assessment via myASSURANCE, amongst other MISC Group’s key internal control processes in Enterprise Risk Areas are as follows: Financial Limits of Authority (LOA) The LOA manual provides a framework of authority and accountability within MISC Group and facilitates sound and timely corporate decision-making at the appropriate level in the Group’s hierarchy. Reporting The Board reviews quarterly reports from management on key operating performance, legal, environmental and regulatory matters. Financial performance is deliberated monthly by the MC and tabled to the BAC and the Board on a quarterly basis. Planning and Budgeting The Group performs a comprehensive annual planning and budgeting exercise which involves the development of business strategies for the next five years to achieve the Group’s vision. The long-term strategies are supported by initiatives to be pursued in the upcoming year and for effective implementation, the initiatives are tied to specific measurable indicators which will be evaluated against the relevant business/service units and subsidiaries’ deliverables. The Group’s strategic direction is then reviewed annually taking into account the current progress level and other indicators such as the latest developments in the industry, changes in market conditions and significant business risks. In addition, the Group’s business plan is translated into budgetary numbers for the next five years and financial performance and variance against budget is analysed and reported to the MC, BAC and the Board. Financial Reporting Control Assurance To enhance the quality of the Group’s financial reports, the Group continues the execution of the PETRONAS Financial Reporting Control (FRC) Assurance. FRC Assurance is a structured process of ensuring the adequacy and effectiveness of internal controls operating within the Group. FRC covers internal controls related to financial reporting based on the identified processes and risks. The FRC includes among others, documentation of controls, testing of internal control design effectiveness, remediation of control gaps as well as a periodic testing of control operating effectiveness. The objective of conducting the assurance and evaluating the test results is to conclude whether the controls are designed and operating effectively to support the financial statement assertions. If internal control deficiencies are noted during the testing, management shall determine whether they constitute a material misstatement to the financial statements. The root cause for each deficiency shall be documented and the Corrective Action Plan for the ineffective controls shall be monitored and reported periodically. FRC Assurance testing is performed semi-annually for relevant processes. Statement on Risk Management & Internal Control
RkJQdWJsaXNoZXIy NDgzMzc=