2018 UEM Edgenta Annual Report

Company Values The Group is intensifying the communication and inculcation of the Group’s values: “Enterprising, Teamwork, Integrity, Passion and Success” amongst its employees through description of key behaviours and roll out via leaders and supervisors. Policies and Procedures Written policies are established to guide how a department or an individual within the Group works or behaves and provide guidance to employees as to what their obligations are. Some policies are supported by procedures which describe the steps the employees shall take to produce an output or to complete a process. The policies and procedures also formpart of the various management systems and are reviewed regularly and updated when necessary. Briefings and trainings are frequently held to enhance employees’ awareness on the policies and procedures. The Group has dedicated teams to carry out Quality Assurance/Quality Control, Safety, Health and Environment activities. Those teams monitor compliance to the established internal Policies and Procedures, International Management System Standards (ISO 9001 – Quality Management System, OHSAS 18001 – Occupational Quality Health & Safety Management System, ISO 14001 – Environmental Management System, ISO 13485 – Medical Devices Quality Management System ISO/ IEC 17025 – Laboratory Management System), contracts and relevant legal requirements. UEM Edgenta has established HSSE Management System to inculcate a strong HSSE culture and sustainable HSSE performance. The HSSE Management System comprises of HSSE Rules, SOPs and processes. This also includes introducing an enhanced UEM Edgenta HSSE Management System (MS) Manual which seek to make the HSSE execution simpler and more aligned within the Group. Subsidiaries within the Group have implemented several Internationally Accredited Management Systems to standardise its management and operational processes and to further improve its efficiency. The following subsidiaries have been awarded with various Management System certifications: - • Edgenta PROPEL Berhad - ISO 9001:2015 - ISO 14001:2015 - OHSAS 18001:2007 • Opus International (M) Berhad - ISO 9001:2015 - ISO 14001:2015 - OHSAS 18001:2007 • Edgenta Mediserve Sdn Bhd - ISO 9001:2015 - ISO 14001:2015 - OHSAS 18001:2007/ MS 1722: Part 1:2011 - ISO 13485:2016/EN ISO 13485:2012 • Edgenta Environmental & Material Testing Sdn Bhd - ISO 9001:2015 - ISO 14001:2015 - OHSAS 18001:2007 - ISO/IEC 17025 • KFM Holdings Sdn Bhd - ISO 9001:2015 - ISO 14001:2015 - OHSAS 18001:2007 These certifications reflect the Group’s commitment in ensuring the quality deliverables to customers, safeguard safety and health of employees and safeguard the environment. Risk Management Risk Management Framework • The RMF provides the foundation and organisational arrangement for managing risk across the Group. It illustrates how risk management is embedded in the organisational systems and integrated at all levels and work contexts, making risk consideration part of our day- to-day decision-making and business practices. • Principally aligned with ISO31000:2010, the RMF include scope and objectives, emphasis on enterprise-wide risk assessment and management, and Risk Control Effectiveness Indicators (“RCEI”), which measure the appropriateness and effectiveness of risk countermeasures based on demonstrated/observed improvements on key business, operating and financial parameters. • The RMF aims to: - Establish common risk language, modus operandi and direction with regard to risk management; - Convey the Group policy and attitude to risk management; - Set the policy, methodology, scope and application of risk management; - Detail the process for escalating and reporting risks; - Establish the roles and responsibilities for managing risk; - Facilitate open communicationbetweenmanagement and theBoard with respect to risk; encourage proactive decisionmaking; and - Build an appropriate culture of integrity and risk awareness. • The RMF has been communicated to staff of relevant levels and will be reviewed for continuous improvement. Clarify objectives A Assess risks D Establish context B Identify risks C Respond to risks E Communicate G Monitor, review & report risks F POLICY & REVIEW Board of Directors Audit and Risk Committee Risk Management Committee Risk Management Department Risk Owners (Company/ Joint Venture/ Business Unit/ Division/ Department/ Function/Project/ Process/etc) Risk Management Unit Committee INFORMATION & RISK REPORTING KEY FEATURES OF RISK MANAGEMENT FRAMEWORK Risk Appetite the amount of risk that the Company is prepared to accept or retain in pursuit of its business objectives and value Risk Assessment Methodology Risk Governance and Structure Financial Review Stakeholder Information AGM Information 119 Governance Review of Sustainability Activities