FGV Annual Report 2015

142 Felda Global Ventures Holdings Berhad Annual Integrated Report 2015 Statement on Risk Management and Internal Control GRMD has policies and procedures in place which are consistent with the ISO 31000 Risk Management Standard, developed to aid relevant personnel in undertaking their risk management responsibilities. Our risk management process FGV’s structured risk management process, which is aligned to industry standards, is detailed below. This process is rolled out across the Group, and risk profiles are developed at Business Clusters, Corporate Centers, and subsidiaries. Phase 1 Establish context Establish the strategic, organisational and risk management process context by considering the environment within which the risks are present. Phase 2 Risk identification Identify all uncertain future events that may impact the achievement of objectives, which form the basis for further analysis. Phase 3 Risk exploration Establish an understanding of the risks by considering the relationship between the causes, risks and consequences and thus enable us to evaluate key risk mitigating controls. Phase 4 Risk assessment Assess risks in terms of impact and probability, and plot them on the FGV risk matrix to derive a prioritised list of risks for further action. Phase 5 Risk treatment Identify controls and responses to manage inherent risk to an acceptable residual risk level. Assess the effectiveness of mitigating controls in collaboration with the relevant risk and control owners. Risk reporting Communicate and consult with internal and external Stakeholders, as appropriate, at each stage of the risk management process. The monitoring and review process tracks the current status of the risk profile, detects changes in the risk context and ensures that the controls are adequate in both design and operation. Monitoring and review