Basic HTML Version
JAYA TIASA HOLDINGS BERHAD
32
STATEMENT ON
RISK MANAGEMENT
AND INTERNAL CONTROL
Introduction
The Malaysian Code on Corporate Governance 2012 (“MCCG 2012”) issued by the Securities Commission Malaysia
requires the Board of Directors (“The Board”) to establish and maintain a sound system of risk management and internal
control to safeguard shareholders’ investment and assets of the Group.
Paragraph 15.26(b) of the Listing Requirements of Bursa Securities requires the Board to include in the Annual Report a
statement about the state of risk management and internal control of the listed issuer as a group. For preparation of this
Statement, the Board took into consideration the Statement on Risk Management and Internal Control: Guidelines for
Directors of Public Listed Companies.
Board’s Responsibility
The Board is responsible and accountable for the governance of the Group’s risk management and internal control. The
Board is also fully responsible for maintaining a sound risk management and internal control system and reviewing its
adequacy, effectiveness and integrity to safeguard shareholders’ investments and the Group’s assets.
The Board, with the assistance of the Risk Management Committee (“RMC”), has established an on-going process for
identifying, evaluating and managing risks faced by the Group. The Group’s risk management and internal control system
is designed to manage, rather than eliminate the risks of failure to achieve its business objectives. The system by its nature
can only provide reasonable but not absolute assurance against material misstatements, operational failures, fraud or
loss. In addition, the concept of reasonable assurance recognizes that the cost of control procedures should not exceed
the expected benefits.
The Board has received assurance from the Group Chief Executive Officer and Chief Financial Officer that the Group’s risk
management and internal control system is operating adequately and effectively, in all material aspects, based on the risk
management and internal control system of the Group.
Risk Management
Risk management is regarded by the Board as an integral part of the Group’s organizational processes, with the objective
of maintaining a sound internal control system and ensuring its continuing adequacy and integrity. Risk Management
Policy, Risk Management Framework and Annual Risk Management Plan are in place to guide the implementation of risk
management strategies and initiatives to institutionalize risk management as a business culture throughout the Group.
The Risk Management Department is entrusted with the responsibility of facilitating effective risk governance and risk
management implementation in the Group. Risk management oversight by the Board comprising the RMC, is in place to
actively oversee and to ensure seamless integration of risk management into the Group’s business processes. The RMC
is led by the Group Chief Executive Officer, and represented by key senior management staff. It meets regularly and is
committed to uphold risk management culture as part of key business activities. The RMC provides updates on the risk
management activities as well as the results on the Annual Risk Assessment to the Board. Management teams of the
Group are responsible for risk management and internal control implementation at the operational level.
The risk profile of the Group has been established based upon the enterprise risk management concept. The identified key
risks together with their major causes are periodically reviewed whereby the status of Key Performance Indicators (“KPIs”)
and risk mitigations progress are deliberated at the RMC’s meeting. Each key risk has a dedicated risk champion who is
responsible for coordinating those concerned risk owners across the functional units over the implementation of control
measures, monitoring and tracking of KPIs, identifying additional risk mitigations and implementing them. The risks and
mitigations are addressed to the operations on a regularly basis to enhance awareness at all levels.
Amidst delivering growth for its stakeholders, the Group will continue its focus on sound risk assessment practices and
internal control to ensure that it is well equipped to manage the various challenges arising from the dynamic business and
competitive environment.