The enterprise risk management framework
encompasses the following key elements:
• adoption of a structured and systematic risk
assessment, monitoring and reporting framework
as well as clearly defining the risk responsibilities
and the escalation process;
• heightened risk awareness culture in the business
processes through risk owners’ accountability and
sign-off for action plans and continuous
monitoring;
• fostered a culture of continuous improvement in
risk management through risk review meetings;
and
• provided a system to manage the central
accumulation of risk profiles data with risk
significance rating for the profiles as a tool for
prioritising risk action plans.
Amidst delivering growth for its stakeholders, the
Group will continue its focus on sound risk assessment
practices and internal controls to ensure that the
Group is well equipped to manage the various
challenges arising from the dynamic business and
competitive environment.
KEY ELEMENTS OF INTERNAL CONTROL
Internal controls are embedded in the Group’s
operations as follows:
• Clear organisation structurewith defined reporting
lines.
• Defined level of authorities and lines of
responsibilities from operating units up to the
Board level to ensure accountabilities for risk
management and control activities.
• Group Risk Management department of Boustead
Holdings Berhad assists in reviewing and
recommending the risk management policies,
strategies, major risks review and risk mitigation
actions for the Group as well as reporting to the
Audit Committee and Board on a periodic basis.
• Training and development programmes are
established to ensure that staff are kept up to date
with the necessary competencies to carry out
their responsibilities towards achieving the
Group’s objectives.
• Code of ethics for the Board and all employees to
ensure high standards of conduct and ethical
values in all business practices.
• Whistle blowing policy to provide an avenue for
employees to report any breach or suspected
breach of any law or regulation, including business
principles and the Group’s policies and guidelines
in a safe and confidential manner.
• Regular Board and Management meetings to
assess the Group’s performance and controls.
• The Board is supported by a qualified and
competent Company Secretary. The Company
Secretary plays an advisory role to the Board
particularly on issues relating to compliance with
MMLR, the Companies Act, 1965 and other relevant
laws and regulations.
• Group Internal Audit function assists in providing
assurance of the effectiveness of the system of
internal control within the Group. Regular internal
audit visits to review the effectiveness of the
control procedures and ensure accurate and
timely financial management reporting. Internal
audit efforts are directed towards areas with
significant risks and the risk management process
is being audited to provide assurance on the
management of risks.
• Review of internal audit reports and follow-up on
findings by Management Audit Committee. The
internal audit reports are deliberated by the Audit
Committee, and are subsequently presented to
the Board on a quarterly basis or earlier, as
appropriate.
• Review and award of major contracts by Tender
Committee. A minimum of three quotations is
called for and tenders are awarded based on
criteria such as quality, track record and speed of
delivery. The Tender Committee ensures
transparency in the award of contracts.
statement o n r i sk manag ement an d i nterna l co ntro l
Bo ustead plantati o ns Berhad
52
