
            MSM MALAYSIA HOLDINGS BERHAD
            ANNUAL INTEGRATED REPORT 2021

            STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL







            The Group’s Risk Management function, undertaken by Corporate Governance & Risk Management (CGRM), adopts an effective
            and progressive Enterprise Risk Management System (ERMS) to identify, evaluate and monitor the risks faced by the Group,
            and Management takes specific measures to mitigate the risks. CGRM’s purview includes the following responsibilities:








            •  Reviewing, assessing, enhancing and monitoring the Group’s Risk Management Framework including risk management
               policies and procedures; and in alignment with FGV Group Risk Management framework
            •  Providing guidance to all MSM Group’s operations in identifying and assessing risks, developing relevant and
               effective mitigation strategies to manage risks
            •  Maintaining the Risk Register for the MSM Group
            •  Preparing risk reports to the Audit, Governance and Risk Committee (AGRC) and Board
            •  Overseeing MSM Group’s Business Continuity Management


            Risk Management Framework and Process

            To ensure effective oversight of risks at the enterprise-wide level, we have embedded risk management in all our key processes
            and activities. These are guided by our Enterprise Risk Management and Framework, which was designed in accordance with
            ISO 31000:2018 Risk Management - Guidelines. An overview of the Group’s Risk Management Framework is depicted below:

            BOARD AND BOARD COMMITTEES

            Key Senior Management

            MANAGE
            First line of defence - Functions that own and manage Risks.
            •  Subsidiaries
            •  Policies and Standard Operating Procedures

            OVERSEE
            Second line of defence - Functions that oversee risks, control and compliance.
            •  Compliance, Compliance & Risk Management
            •  Group Governance
            •  Group Risk

            ASSURANCE
            Third line of defence - Internal functions that provide independent assurance.
            •  Group Internal Audit

            Fourth line of defence - Set requirements and/or perform independent assurance.
            •  External Auditors
            •  Regulators
            •  Other External Bodies