RISK MANAGEMENT Risk management is regarded by the Board as an important aspect of the Group’s operations with the objective of maintaining a sound internal control system and ensuring proper management of the risks that may impede the achievement of the Group’s goals and objectives. The Group has established its Enterprise Risk Management Policy and Framework which is tailored to the specific circumstances of the Group for identifying, evaluating and managing key risks faced by the Group. In general, the Group’s risk management framework and practices are aligned with the principles of ISO 31000 — an internationally recognised standard for risk management and the Committee of Sponsoring Organisation of the Treadway Commission’s Enterprise Risk Management Integrated Framework. The Group’s risk management process includes understanding the context of internal and external factors that may have an impact towards the business, identifying principal business risks in critical areas, assessing the likelihood and impact of material exposures, determining its corresponding risk mitigation and treatment measures and on-going monitoring and reviewing of risk profiles. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL The ERM Policy and Framework was established to support the overall achievement of the Group’s vision and strategic goals, as well as to safeguard the reputation, resources, people and assets of the Group. The ERM Policy and Framework encompasses the following key elements: • The ERM is designed to identify potential events that may affect the Group and manage risks within its risk appetite, to provide reasonable assurance regarding the achievement of the Group’s vision and missions; • The ERM is a holistic, integrated, future-focused and process-oriented approach that helps to manage all key business risks and opportunities with the intent of maximising shareholders’ value for the Group as a whole; and • The ERM is a structured and disciplined approach aligning strategy, process, people, technology and knowledge with the purpose of evaluating and managing the risks that the Group faces as it creates value. A comprehensive ERM policy and framework shall provide a strong foundation for ERM exercise execution within the Group. Enterprise Risk Management (ERM) Policy and Framework The ERM ensures the Group is well-prepared to fit with its operating environment where the ERM policy and framework established shall be used effectively to address any risks, concerns, issues, challenges and/or expectations from the internal and/or external stakeholders. The Group’s Risk Management processes is highlighted in the illustration below: 01 Scope, Context and Criteria 02 Risk Assessment 05 Risk Action Plan Monitoring 03 Risk Action Plan 04 Key Risk Indicator ERM PROCESSES Boustead Plantations Berhad 118
RkJQdWJsaXNoZXIy NTkwNzg=