KUMPULAN FIMA BERHAD
The ERM framework adopted by the Group encompasses the risk assessment process, organisational
oversight and reporting function to instil the appropriate discipline and control for continuously improving risk
management capabilities. Risk assessment, monitoring and review of the various risks faced by the Group
are a continuous process within the key operating units with the RMC playing a pivotal oversight function.
The ERM assessment was conducted through a combination of workshops and interviews involving senior
management and the key enterprise risks facing the Group’s business units are then reported to the Audit
Committee on every quarter. The workshops and interviews conducted have generated the following reports:
Detailed risk register
These reports were summarised as risk profile and provide the basis for the following:
Business action plans and improvement strategies;
Developing cost effective control strategies; and
Prioritisation of areas for operational audit.
All subsidiaries within the Group will update their risk profile to the RMC on an annual basis.
The Group’s ERM programme is supported by the Risk Management Policy and Procedures (“the Policy”)
which is consistent with the current requirements of the Malaysian Code on Corporate Governance 2012.
The Policy will sensitise staff more strongly to risk identification, measurement, control, on-going monitoring,
responsibilities and accountabilities.
An overview of the Group’s risk assessment process is depicted as follows:
Determine control effectiveness
Determine risk rating
Determine current residual risk