Precautionary Principle – Risk Management
We have a corporate risk management framework that covers the different types of enterprise risk. Under this framework, enterprise risks are identified by the respective business units, and significant risks are documented in the Corporate Risk Register and monitored. The business units are expected to identify mitigation measures to address the enterprise risks and implement them accordingly to reduce risk exposure. We employ risk monitoring and reporting systems to enable early detection and escalation of risks to the various levels for review and appropriate action. Diagram 5.1 shows the risk-management cycle practiced in the company.

Diagram 5.1: Risk management cycle
PowerSeraya has put in place a structure to manage the risks of the entire company. The committees and their respective roles in risk management are shown in Diagram 5.2. The Risk Management Committee (RMC) is responsible for the development and implementation of processes that identify, measure, monitor and control risks within the company. The RMC is headed by a Chief Risk Officer (CRO) appointed by the Board.
Reporting to the RMC are the various risk owners who are responsible for managing and monitoring risks of their business units. The Enterprise Risk Management (ERM) Dept collates all reports from the risk owners on a quarterly basis. The ERM Dept primarily manages the overall market risk of the company and works with the different risk owners to manage other types of enterprise risks that include (but are not limited to) the following:

Diagram 5.2: Organisational structure for risk management