Page 256 - MSM_AIR2021
P. 256
254 MSM MALAYSIA HOLDINGS BERHAD WHO WE ARE STATEMENT & DISCUSSION BY OUR LEADERS HOW WE OPERATE
ANNUAL INTEGRATED REPORT 2021
STATEMENT ON
RISK MANAGEMENT AND
INTERNAL CONTROL
Overview of Risk Reporting Architecture is illustrated below:
Board
Risk 1 2 MSM Top 3 Committee 4 MSM 5
Owners CGRM Management Board of
(AGRC) Directors
Enterprise Risk Management (ERM) System
The Enterprise Risk Management framework enables the subsidiaries, operating units and support functions to exercise a
consistent approach for risk identification and institutes a common platform to deliberate and manage risks.
The Group has in place a continuous and systematic control structure and process for identifying, evaluating and managing
significant risks pertinent to the achievement of the Group’s overall corporate objectives. The control structure and process which
has been established throughout the Group is updated and reviewed from time to time to suit the changes in the business
environment.
Below are the steps of compilation of risk information conducted within the Group:
Review & Risk Owner
Update Review, update the Risk Register (RR) quarterly in line with the company’s strategies and objectives.
Review, Risk Champion
verify, Review, verify, confirm and revise the Risk Register (RR) that has been updated by Risk Owners.
confirm Risk Champion selects the Top 10 Risks for the companies every quarter (Select from established
and revise Risk Registers).
Review & GCEO/GCOO/HOO/HOD
Approve Review and approve/reject the RR & the top 10 risk for each subsidiary.
Review & Sector Risk Champion
Determine Review and determine the top 10 risk for the sector.
Review & Sector Head
Approve Review and approve the top 10 risk for the sector.
Report to Board Reporting on quarterly basis.
Board
