Page 255 - MSM_AIR2021
P. 255
SUSTAINABILITY JOURNEY HOW WE ARE GOVERNED FINANCIAL STATEMENTS ADDITIONAL INFORMATION 253
The Risk Management Framework:
MSM has adopted the 4 lines of defence model as the fundamental approach to ensure the effectiveness of risk management.
The framework seeks to minimise risk incidents and maximise business outcomes by allowing us to:
Understand the risk environment, and assess the Monitor and seek assurance on the effectiveness
specific risks and potential exposure of the management of these risks and intervene for
improvement where necessary
Determine how best to deal with these risks to
manage overall potential exposure Escalate to the Management and Board on a
periodic basis on how significant risks are being
managed, monitored, assured and improved
Manage the identified risks in appropriate ways
The process of risk management adopted by the Group is illustrated below:
Establish Context
Establish the strategic, organisational and risk management process context by
considering the environment within which the risks are present
Identify Risk
Communicate and Consult
Identify all uncertain future risk events that may impact the achievement of objectives,
which form the basis for further analysis
Analyse Risk
Assess risks in terms of impact and probability, and plot them on the risk matrix to derive
a prioritised list of risks for further action Monitor and Review
Evaluate Risk
Establish an understanding of the risks by considering the relationships between the
causes, risks and consequences and thus enable us to evaluate key risk-mitigating controls
Treat Risk
Identify controls and responses to manage inherent risks to an acceptable residual risk
level. Assess the effectiveness of mitigating controls in collaboration with the relevant risk
and control owners
