Axiata Group Berhad | Sustainability & National Contribution Report 2016
INTRODUCTION
16
The Board Audit Committee (BAC), via the Axiata Group
Risk Management Committee (GRMC), has put in place a risk
management framework and process to identify, evaluate and
monitor principal risks, and implement appropriate internal control
processes and procedures to manage these risks across the
Group, excluding Associate Companies and joint ventures which
are not within the Group’s control.
The Group is committed to the continuous improvement of risk
management processes and ensures that the processes remain
relevant to the operating environment. The GRMC, which consists
of all the members of Axiata Group’s Senior Leadership Team
(SLT) and is chaired by the Axiata Group BAC Chairman, plays a
key role in driving Axiata’s ERM Framework. With the assistance
RISK
MANAGEMENT
• Maintains a sound system of risk management & internal controls
• Approves risk management policy and framework, governance structure and sets the risk appetite
• Receives, deliberates and endorses BAC reports on risk governance and internal controls
• Assists the Board in evaluating the adequacy of risk management & internal control framework
• Reviews and endorses the Group Risk Profile
• Receives and reviews reports from the Risk Committee and recommends them to the Board for approval
• Assists in identifying principal risks at Group level and provides assurance that the ERM is implemented
Group-wide
• Reviews and recommends frameworks and policies specifically to address enterprise risk inherent in all
business operations
• Promotes cross-functional sharing of risk information
• Monitors compliance to ERM Framework, regulatory requirements and status of action plans for both
Group and subsidiaries
• Coordinates and promotes risk management culture and implementation
• Establishes, formulates, recommends and manages sound and best practice ERM programme for Axiata
Group
• Inculcates risk awareness within the Group
• Assists Axiata OpCos and Business Units in establishing their internal risk policy and structures, including
the business continuity programme for the Group
• Identification and consolidation of risk matters
• Secretariat for the GRMC
• Consolidates risk reports from Axiata OpCos and Business Units for the GRMC’s review
• Encourages and recommends the adoption of mitigation actions where appropriate
• Primarily responsible for managing risks on a day-to-day basis
• Promote risk awareness within their operations and introduce risk management objectives into their
business and operations
• Coordinate with Axiata Group Risk Management Department on implementation of risk management
policy and practices
Board of Directors
Board Audit Committee
Group Risk Management
Committee
Group Risk Management
Department
Risk Focals at
Axiata CC and OpCos
Key parties within the Group’s Risk Governance Structure
of the Group Risk Management Department, the GRMC ensures
systematic implementation and monitoring of the effectiveness of
a risk management culture and processes across the Group.
Axiata’s risk management process is guided and principally
aligned to ISO31000:2009 where risk is managed to ensure the
achievement and implementation of strategic objectives. The
Group’s risk management process typically involves identifying
particular events or circumstances relevant to our objectives and
risk appetite, assessing them in terms of likelihood and magnitude
of impact, determining a response strategy, evaluating the
adequacy of existing controls, and monitoring the implementation
of the response. The objective is to protect and create value for
our key stakeholders.
The Board is responsible and accountable for maintaining the processes of risk management and
internal control practices to safeguard shareholders’ investments and the Group’s assets.