164 YINSON HOLDINGS BERHAD | INTEGRATED ANNUAL REPORT 2024 RISK MANAGEMENT MODEL & PILLARS The key areas under the GRC’s purview can be portrayed in the following pillars: KEY DEVELOPMENTS IN FYE 2024 Yinson Production risk profile As part of an ongoing commitment to robust risk management aligned with the growing exposures of the business within Brazil, a targeted risk assessment for Yinson Production’s operations in Brazil was conducted during Q4 FYE 2024. The assessment specifically focused on the risks associated with Yinson Production’s operations in Brazil, considering the geopolitical environment and country-specific risks. The outcome of the risk assessment includes identified risks, along with developed action plans and mitigation strategies to fortify operations. The resulting risk profile will be presented to the BRSC and the Board on a quarterly basis. Yinson Renewables risk profile In ensuring the implementation of effective risk management processes and procedures throughout all business segments, Three Lines of Defence Model The Group adopts a ‘Three Lines of Defence’ approach for its risk management. It provides an overview of the Group’s operations from a risk management perspective while assuring the ongoing success of risk management initiatives. Drive and facilitate period risk review. Provide independent inputs to enhance effective risk assessments, controls, and action plans. Timely reporting and escalation of risk information. Risk Assessment, Monitoring, Review & Reporting Create awareness and seamless communication pertaining to the risk review and assessment process within the Group. Risk Awareness and Communication Develop and document Business Continuity Plan. Business Continuity Plan Responsible to review risk processes within the Group and continuously enhance the risk process through automated solutions. Management of Risk Automation Solution Own and manage day-to-day risks inherent in business activities including that of risk-taking by implementing proper risk controls and procedures as well as maintaining a proactive approach to risk, aligning decisions with risk appetites and ensuring compliance with established policies and procedures. 1st line of defence Provide independent assurance on the overall integrity and adequacy, and ensuring that both the first and second lines of defence are operating effectively and in accordance with our risk management policies and procedures, as well as the guidelines set out by ISO 31000. 3rd line of defence Responsible for developing and disseminating risk management policies. Provides the necessary tools and expertise, driving the right risk culture and overseeing risk management practices. In addition, they provide overall risk governance and oversight as well as challenging the assessment of 1st line, where applicable. 2nd line of defence the Risk Management function conducted a comprehensive risk re-assessment exercise for Yinson Renewables during Q4 FYE 2024. The resulting risk profile is presented to the BRSC and the Board on a quarterly basis. This initiative also involves the development of action plans and mitigation strategies identified collaboratively with key personnel at Yinson Renewables. These measures are designed to enhance risk management and contribute to the overall success of Yinson Renewables’ endeavours. Yinson GreenTech risk profile To strengthen robust risk management practices across the diverse business segments, the Risk Management function carried out a comprehensive risk re-assessment for Yinson GreenTech during Q4 FYE 2024. The outcome of this assessment is reported on a quarterly basis to the BRSC and the Board. As part of this re-assessment initiative, the Risk Management function collaborated with key personnel at Yinson GreenTech, engaging in a dialogue to evaluate and
RkJQdWJsaXNoZXIy NDgzMzc=