Enterprise Risk Management

The Company’s Risk Management System

The Board recognize the importance of identifying and controlling various risks to prevent undue or uncalculated negative impact on the Company. The Board also recognizes that risk oversight, implementation of comprehensive controls and assurance processes are a core function of the Board.

The Risk Management Committee shall operationalize a Risk Management Program which shall be guided by the following:

  1. Establish risk profile and determine external and internal factors which can influence the Company’s risk profile;
  2. Identify and characterize specific threats/ risks;
  3. Assess the vulnerability of critical assets to specific threats/ risks;
  4. Determine the risks (i.e. expected likelihood and consequences of specific threats/ risks on specific assets;
  5. Identify ways on how to minimize said threats/ risks;
  6. Prioritize risk reduction measures based on strategy;
  7. Implement and monitor
  8. Assess effectiveness, conduct reviews and evaluation and make necessary adjustments

The Risk Management Program shall be reviewed annually and all material changes to the Company’s risk profile shall be noted. To assist the Risk Management Committee in conducting the annual review, management and key executives are required to report to the Committee on:

  1. any material risks identified;
  2. how the risks are being managed;
  3. the implementation of any risk management or internal control system; and
  4. whether any breaches of the risk management policies have occurred during the period.